Director of Security (75555)

Centurion Health
Sterling, VA

About The Position

Centurion is seeking an experienced, strategic, and execution-oriented Director of Security to lead and mature our enterprise security program across a complex, multi-state healthcare environment. This leader will be responsible for cybersecurity operations, risk management, security engineering, incident response, governance, and security strategy in support of a growing and evolving organization. The Director of Security will serve as a key leader within the IT organization, working closely with infrastructure, applications, service delivery, compliance, operations, and executive leadership to protect Centurion’s systems, data, and business operations. This role requires a leader who can balance strategy with execution, build strong internal and external partnerships, hold teams accountable, and drive measurable security outcomes. This is not a theoretical security role. We are looking for a practical, high-impact leader who understands how to build and operationalize security in a healthcare environment where reliability, responsiveness, and sound judgment matter.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field; equivalent experience will also be considered.
  • 10+ years of progressive experience in information security, cybersecurity, or related IT leadership roles.
  • 5+ years of experience leading security teams or major security functions in a complex enterprise environment.
  • Demonstrated success leading security operations, incident response, risk management, and security engineering programs.
  • Experience working with MSSPs, security tooling vendors, and enterprise security platforms.
  • Experience with SIEM technologies and security monitoring programs; experience with Google Chronicle strongly preferred.
  • Strong understanding of identity and access management, vulnerability management, endpoint security, cloud security, network security, and governance practices.
  • Experience in healthcare, highly regulated industries, or distributed multi-site environments strongly preferred.
  • Strong executive communication skills with the ability to translate technical risk into business language.
  • Proven ability to lead through influence, drive accountability, and deliver results in fast-moving environments.
  • Relevant certifications such as CISSP, CISM, GIAC, CCSP, or Microsoft SC-100.

Nice To Haves

  • Experience in correctional healthcare, payer/provider healthcare, or other complex care-delivery environments.
  • Familiarity with Microsoft security ecosystem, cloud security controls, and enterprise modernization initiatives.
  • Experience building or maturing a security program undergoing transformation, modernization, or operational scale-up.

Responsibilities

Security Strategy & Leadership

  • Lead the development, execution, and ongoing maturity of Centurion’s enterprise cybersecurity strategy, roadmap, and operating model.
  • Align security initiatives with business priorities, regulatory requirements, operational realities, and the broader IT strategy.
  • Serve as the senior leader responsible for day-to-day security direction, decision-making, and program accountability.
  • Advise the CIO and executive leadership on security posture, emerging threats, material risks, and investment priorities.
  • Build a culture of accountability, responsiveness, and continuous improvement across the security function.
  • Lead the security vendor management lifecycle and assist in shaping strategy, governance, performance accountability, and long-term partnerships.

Security Operations & Incident Response

  • Lead security operations across monitoring, detection, investigation, containment, response, and recovery activities.
  • Oversee relationships and operating effectiveness with managed security partners and service providers, ensuring strong performance, clear escalation, and meaningful outcomes.
  • Ensure effective use of security monitoring and SIEM platforms, including Google Chronicle and related detection and response capabilities.
  • Establish and maintain clear incident response procedures, escalation paths, communication protocols, and after-action review processes.
  • Drive improvements in threat detection, alert triage, response speed, and operational resilience.

Security Engineering & Architecture

  • Partner with infrastructure and enterprise technology teams to design and implement secure, scalable, and supportable security controls.
  • Lead security engineering efforts across endpoint protection, identity and access management, network security, email security, vulnerability management, cloud security, logging, and data protection.
  • Ensure security solutions are integrated thoughtfully into the enterprise environment without creating unnecessary operational burden or complexity.
  • Support modernization efforts by embedding security into cloud strategy, Microsoft ecosystem initiatives, enterprise applications, and future digital platforms.

Risk, Governance & Compliance

  • Establish a pragmatic and business-relevant approach to cyber risk management, control assessment, and remediation tracking.
  • Partner with internal stakeholders to support HIPAA, healthcare security requirements, contractual obligations, audits, and policy compliance.
  • Maintain and evolve security policies, standards, procedures, and governance processes to reflect the needs of a modern healthcare enterprise.
  • Present clear, actionable reporting on risk, incidents, vulnerabilities, and program maturity to executive leadership.
  • Demonstrated expertise enabling and operationalizing NIST frameworks, including 800-171 and 800-53, with hands-on experience supporting FedRAMP & GovRAMP compliance.
  • Lead vulnerability management and remediation governance, ensuring risks are identified, prioritized, tracked, and resolved in partnership with system owners.

Identity, Access & Data Protection

  • Oversee strategy and operational controls related to identity governance, privileged access, authentication, and role-based access.
  • Ensure appropriate safeguards are in place to protect sensitive business and healthcare information across systems, users, devices, and third parties.
  • Partner with application and operational leaders to strengthen data security practices while maintaining business usability.

Team Development & Cross-Functional Leadership

  • Build, lead, and mentor a high-performing security team with clear expectations, strong ownership, and a service-oriented mindset.
  • Develop internal talent and create scale through effective processes, prioritization, and smart use of partners and platforms.
  • Collaborate effectively with leaders across infrastructure, field operations, enterprise applications, service desk, compliance, legal, HR, and business operations.
  • Act as a trusted escalation point for complex security matters and critical business decisions.