Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
Director Information Security at Oxenham Group Director Information Security at Oxenham Group in Winter Park, Florida Posted in 1 day ago.
Type:
full-time
Job Description:
The Opportunity Our client is a healthcare organization serving a large national membership base. They manage member health and payment data at scale and operate in a regulated compliance environment spanning PCI-DSS and HIPAA-adjacent requirements. The organization is actively investing in its technology function: modernizing infrastructure and building a forward-looking AI governance strategy. This is a program-building role. You will inherit a small team and own the full security function: strategy, execution, compliance, budget, and board-level reporting. The right candidate wants to build, not maintain. Essential Job Duties & Responsibilities Develop and maintain IT Security Roadmap, including timelines and budgets Lead IT Security plans for Artificial Intelligence, including Agentic AI for software development and business process automation Provide IT Security expertise for, and actively participate in, the AI Oversight Committee Plan, design, develop, and implement Information Security policies and practices across the company's hybrid infrastructure environment using common security tools Lead a team of Information Security professionals to drive vision, goals, and objectives including managing staffing, performance, and budgets Maintain IT Compliance and Information Security framework, including risk management policies, standards, and guidelines Conduct regular security monitoring and reporting to ensure adequate security defenses, systems, and settings are in place to protect against intrusion, theft, destruction, or misuse of company information Coordinate and execute proactive information security consulting to business and IT teams covering cybersecurity, electronic data management, network architecture, and access management Lead the security incident response process Adhere to and enforce system security policies and comply with applicable laws and regulations, including banking laws, PCI/PHI, and HIPAA Monitor internal control systems to ensure appropriate information access levels are maintained; perform security audits on software, networks, and hybrid environments (on-premises, public cloud, private cloud, SaaS) Perform information security risk analysis and periodic information system activity reviews Develop and maintain an executive scorecard based on IT organization OKRs for IT Security Lead all IT Security audit responses, management responses, and action plans Provide Board-level input to the CIO for Board presentations All other duties as assigned Essential Skills & Abilities Ability to work as part of a multidisciplinary team and collaborate across functions Advanced skill in administering data security programs Advanced skill in disaster recovery planning Strong interpersonal and verbal communication skills Knowledge of security implications of cloud-based information systems and experience driving transformational change within cloud-based, secure environments with control systems Experience working with the security needs and compliance requirements of financial and/or healthcare institutions Demonstrated experience deploying and operating the following tools: CrowdStrike, KnowBe4, Qualys, Rapid7, Orca, ThreatLocker, Thycotic, Trend Micro Security, Directory Synchronization Tool, Trend Micro Full Disk Encryption, Pentera, Immersive Labs, or equivalent Ability to effectively manage problems involving multiple variables Leadership ability - coaching, training, performance management, budget planning, and staffing in support of a high-performing team Education and/or Experience Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a closely related field with 8+ years of progressive experience required, preferably in a healthcare payer or financial services organization of similar size or larger 5+ years of experience working with IT guidelines and requirements compliant with at least two of the following:
HIPAA, PCI-DSS, HITRUST, SOC 1/2/3
Prior supervisory experience leading IT security professionals required
