Apply for this opportunity

This job application is on an outside website. Be sure to review the job posting there to verify it's the same.

Apply Offsite

VP, Information Security & Risk Management

Job

PathGroup

Brentwood, TN (In Person)

Full-Time

Posted 1 week ago (Updated 1 day ago) • Actively hiring

Expires 7/4/2026

See Job Scorecard

Review key factors to help you decide if the role fits your goals.

How is this calculated?

Pay Growth

out of 5

Not enough data

Not enough info to score pay or growth

Job Security

out of 5

Not enough data

Calculating job security score...

Total Score

out of 100

Average of individual scores

Were these scores useful?

Skill Insights

Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.

Job Description

Job Summary:

The Vice President of Information Security & Risk Management is responsible for developing, operationalizing, and overseeing the execution of the enterprise information security and compliance program, ensuring alignment with organizational risk tolerance, regulatory requirements, and business objectives. This role serves as the primary bridge between enterprise strategy and operational execution, overseeing security governance, compliance programs, and enterprise incident response while leading cross-functional engagement with executives, clients, and external stakeholders.

JOB RESPONSIBILITIES

ESSENTIAL

FUNCTIONS

Develop and operationalize the organization's information security strategy, ensuring alignment with business priorities Translate strategic objectives into measurable programs, initiatives, and controls across the enterprise Establish performance metrics (KPIs/KRIs) to evaluate security posture and program effectiveness Oversee the enterprise information security compliance program, including HIPAA Security Rule alignment and internal compliance requirements Direct security governance frameworks, policies, and standards Ensure consistent implementation and monitoring of controls across the organization Provide oversight of audit readiness, regulatory responses, and remediation strategies Oversee enterprise incident response governance, ensuring consistent processes for escalation, communication, and mitigation Coordinate executive-level communications during security incidents Ensure alignment between operational response teams and executive decision-making Provide leadership oversight of security operations through Director-level teams Ensure execution of core security functions, including threat monitoring, vulnerability management, and risk mitigation Drive accountability for operational performance and program delivery Lead major client, partner, and vendor security engagements, including security reviews and contractual security discussions Serve as a key representative for security posture in customer and partner interactions Collaborate with Legal, Compliance, and IT to ensure alignment on risk acceptance and mitigation strategies Lead and develop information security leadership (Directors, Managers) Establish organizational structure, priorities, and resource planning for the security function Promote a culture of accountability, risk awareness, and continuous improvement

NON-ESSENTIAL FUNCTIONS

Work with other departments within PathGroup and subsidiaries. Nothing in the job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. Other duties as assigned.

EDUCATION & LICENSURE

Bachelor's degree in Cybersecurity, Information Technology, or related discipline Certifications such as CISSP, CISM, CISA, or

HITRUST CCSFP EXPERIENCE

10+ years of progressive experience in information security, with leadership responsibility Strong experience in healthcare regulatory environments (HIPAA, HITECH) Proven ability to operate at both strategic and operational levels Experience leading enterprise security programs in healthcare or regulated environments