Jobs via Dice
Senior Director, Information Security Delivery - Sector Lead
Jobs via Dice, Houston, Texas, United States, 77246
Senior Director, Information Security Delivery - Sector Lead
Join Gainwell to lead security transformation across a focused sector of client accounts.
Summary The Sr. Director, Information Security Delivery – Sector Lead is an executive leader responsible for strategic oversight and execution of security activities across a cohort of healthcare and Medicaid client accounts. The role drives security excellence, standardization, and measurable business value through a team of Information Security Officers (ISOs) and collaborates closely with senior client and Gainwell leadership. Healthcare experience, especially Medicaid expertise, is essential.
Your role in our mission
Serve as the security authority for all accounts within the assigned sector.
Support and drive the transformation of security into a business value add, emphasizing proactive risk management, innovation, and client differentiation.
Navigate complex regulatory environments and collaborate with state and federal government agencies to ensure alignment and compliance.
Promote security as a strategic business enabler through thought leadership, client engagement, and internal advocacy.
Drive consistency and standardization across accounts, reducing variation and improving efficiency.
Define and enforce clear metrics that drive informed decision-making and continuous improvement.
Lead the development and use of sector specific dashboards to provide real-time visibility into security posture, performance, and risk.
Represent the security program in client meetings, governance forums, and strategic discussions.
Tailor security strategies and communications to meet client-specific needs and expectations, especially in healthcare and Medicaid environments.
Develop and implement client engagement frameworks that promote proactive communication, responsiveness, and trust-building.
Collaborate with client leadership to co-create security strategies that align with business goals and regulatory requirements.
Monitor and evaluate client satisfaction metrics, using feedback to continuously improve security services and delivery.
Empower ISO teams to act as trusted advisors to clients, providing insights, recommendations, and thought leadership in security.
Represent the sector in client escalations and strategic forums, ensuring timely resolution and alignment with client expectations.
Promote the visibility of security achievements and innovations to clients, reinforcing the value of Gainwell's security program.
Ensure security deliverables are not only compliant and effective but also presented in a way that builds client confidence and trust.
Ensure ISO teams are aligned with vulnerability management processes, including identification, prioritization, remediation, and reporting.
Champion the integration of vulnerability management into account level security strategies, ensuring alignment with business risk and regulatory requirements.
Collaborate with infrastructure, application, cloud, and business teams to ensure cross-functional coordination and timely resolution of vulnerabilities.
Support the development and enforcement of standardized vulnerability lifecycle processes across the sector.
Participate in vulnerability governance forums, representing sector interests and ensuring strategic alignment with enterprise risk management.
Promote transparency and visibility of vulnerability management efforts to clients and internal stakeholders through regular reporting and communication.
Advocate for the use of automation and threat intelligence to enhance prioritization and accelerate remediation efforts.
Ensure sector teams contribute meaningfully to the success of the enterprise vulnerability management program, even if not directly managing it.
Ensure ISO teams are identifying and addressing emerging risks before they escalate, using threat intelligence, vulnerability data, and business context.
Collaborate with enterprise risk management, compliance, and legal teams to align sector-level risk activities with broader organizational goals.
Establish clear risk ownership and accountability across ISO teams, ensuring timely mitigation and escalation of critical issues.
Develop and maintain sector-specific risk registers, tracking key risks, mitigation plans, and progress toward resolution.
Use metrics and dashboards to monitor risk trends, identify systemic issues, and inform strategic decision‑making.
Ensure risk management practices are tailored to the healthcare environment, with a strong focus on Medicaid program requirements and state/federal regulations.
Provide regular risk briefings to senior leadership and clients, reinforcing transparency and trust in the organization's security posture.
Lead the advancement of security program maturity across all sector accounts, leveraging frameworks such as NIST Cybersecurity Framework, CIS Controls, and ISO 27001.
Conduct regular maturity assessments to identify gaps, benchmark against industry peers, and prioritize initiatives that elevate program effectiveness.
Develop and execute multi‑year maturity roadmaps with clear milestones, KPIs, and alignment to business and regulatory priorities.
Ensure ISO teams are actively contributing to maturity efforts by implementing best practices, standardizing processes, and driving measurable improvements.
Use data‑driven insights to inform strategic decisions, optimize resource allocation, and enhance security posture across the sector.
Encourage cross‑functional collaboration to integrate security maturity goals with IT, compliance, and business operations.
Align continuous improvement efforts with healthcare‑specific requirements, including Medicaid program mandates and state/federal regulations.
Recognize and reward innovation and excellence in security delivery, reinforcing a high‑performance culture across the sector.
What We’re Looking For
Master’s degree required, preferably an MBA.
Bachelor’s degree in Information Security, Computer Science, or a related field preferred.
A minimum of 12 years of experience in information security, with at least 8 years in leadership roles.
Relevant certifications such as CISSP, CISM, or CISA are required.
Extensive experience in information security, including leadership roles with a focus on strategic planning, program development, and operational management.
Experience in building and managing comprehensive information security programs, including metrics, dashboards, and continuous improvement initiatives.
Proven track record of building and managing high‑performing teams, developing and implementing comprehensive security programs, and driving continuous improvement initiatives.
What You Should Expect In This Role
This role will require regular travel to clients within the United States.
The position may involve working outside of regular business hours to address security incidents or urgent issues.
Benefits
Competitive pay range: $200,000 – $250,000 per year (variable based on region and experience).
Generous, flexible vacation policy.
401(k) employer match.
Comprehensive health benefits, including medical, dental, and vision.
Educational assistance and leadership development academies.
Opportunities for growth in a culture that values flexibility, learning, and career development.
Equal Opportunity Statement Gainwell Technologies is an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), age, sexual orientation, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
#J-18808-Ljbffr
Summary The Sr. Director, Information Security Delivery – Sector Lead is an executive leader responsible for strategic oversight and execution of security activities across a cohort of healthcare and Medicaid client accounts. The role drives security excellence, standardization, and measurable business value through a team of Information Security Officers (ISOs) and collaborates closely with senior client and Gainwell leadership. Healthcare experience, especially Medicaid expertise, is essential.
Your role in our mission
Serve as the security authority for all accounts within the assigned sector.
Support and drive the transformation of security into a business value add, emphasizing proactive risk management, innovation, and client differentiation.
Navigate complex regulatory environments and collaborate with state and federal government agencies to ensure alignment and compliance.
Promote security as a strategic business enabler through thought leadership, client engagement, and internal advocacy.
Drive consistency and standardization across accounts, reducing variation and improving efficiency.
Define and enforce clear metrics that drive informed decision-making and continuous improvement.
Lead the development and use of sector specific dashboards to provide real-time visibility into security posture, performance, and risk.
Represent the security program in client meetings, governance forums, and strategic discussions.
Tailor security strategies and communications to meet client-specific needs and expectations, especially in healthcare and Medicaid environments.
Develop and implement client engagement frameworks that promote proactive communication, responsiveness, and trust-building.
Collaborate with client leadership to co-create security strategies that align with business goals and regulatory requirements.
Monitor and evaluate client satisfaction metrics, using feedback to continuously improve security services and delivery.
Empower ISO teams to act as trusted advisors to clients, providing insights, recommendations, and thought leadership in security.
Represent the sector in client escalations and strategic forums, ensuring timely resolution and alignment with client expectations.
Promote the visibility of security achievements and innovations to clients, reinforcing the value of Gainwell's security program.
Ensure security deliverables are not only compliant and effective but also presented in a way that builds client confidence and trust.
Ensure ISO teams are aligned with vulnerability management processes, including identification, prioritization, remediation, and reporting.
Champion the integration of vulnerability management into account level security strategies, ensuring alignment with business risk and regulatory requirements.
Collaborate with infrastructure, application, cloud, and business teams to ensure cross-functional coordination and timely resolution of vulnerabilities.
Support the development and enforcement of standardized vulnerability lifecycle processes across the sector.
Participate in vulnerability governance forums, representing sector interests and ensuring strategic alignment with enterprise risk management.
Promote transparency and visibility of vulnerability management efforts to clients and internal stakeholders through regular reporting and communication.
Advocate for the use of automation and threat intelligence to enhance prioritization and accelerate remediation efforts.
Ensure sector teams contribute meaningfully to the success of the enterprise vulnerability management program, even if not directly managing it.
Ensure ISO teams are identifying and addressing emerging risks before they escalate, using threat intelligence, vulnerability data, and business context.
Collaborate with enterprise risk management, compliance, and legal teams to align sector-level risk activities with broader organizational goals.
Establish clear risk ownership and accountability across ISO teams, ensuring timely mitigation and escalation of critical issues.
Develop and maintain sector-specific risk registers, tracking key risks, mitigation plans, and progress toward resolution.
Use metrics and dashboards to monitor risk trends, identify systemic issues, and inform strategic decision‑making.
Ensure risk management practices are tailored to the healthcare environment, with a strong focus on Medicaid program requirements and state/federal regulations.
Provide regular risk briefings to senior leadership and clients, reinforcing transparency and trust in the organization's security posture.
Lead the advancement of security program maturity across all sector accounts, leveraging frameworks such as NIST Cybersecurity Framework, CIS Controls, and ISO 27001.
Conduct regular maturity assessments to identify gaps, benchmark against industry peers, and prioritize initiatives that elevate program effectiveness.
Develop and execute multi‑year maturity roadmaps with clear milestones, KPIs, and alignment to business and regulatory priorities.
Ensure ISO teams are actively contributing to maturity efforts by implementing best practices, standardizing processes, and driving measurable improvements.
Use data‑driven insights to inform strategic decisions, optimize resource allocation, and enhance security posture across the sector.
Encourage cross‑functional collaboration to integrate security maturity goals with IT, compliance, and business operations.
Align continuous improvement efforts with healthcare‑specific requirements, including Medicaid program mandates and state/federal regulations.
Recognize and reward innovation and excellence in security delivery, reinforcing a high‑performance culture across the sector.
What We’re Looking For
Master’s degree required, preferably an MBA.
Bachelor’s degree in Information Security, Computer Science, or a related field preferred.
A minimum of 12 years of experience in information security, with at least 8 years in leadership roles.
Relevant certifications such as CISSP, CISM, or CISA are required.
Extensive experience in information security, including leadership roles with a focus on strategic planning, program development, and operational management.
Experience in building and managing comprehensive information security programs, including metrics, dashboards, and continuous improvement initiatives.
Proven track record of building and managing high‑performing teams, developing and implementing comprehensive security programs, and driving continuous improvement initiatives.
What You Should Expect In This Role
This role will require regular travel to clients within the United States.
The position may involve working outside of regular business hours to address security incidents or urgent issues.
Benefits
Competitive pay range: $200,000 – $250,000 per year (variable based on region and experience).
Generous, flexible vacation policy.
401(k) employer match.
Comprehensive health benefits, including medical, dental, and vision.
Educational assistance and leadership development academies.
Opportunities for growth in a culture that values flexibility, learning, and career development.
Equal Opportunity Statement Gainwell Technologies is an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), age, sexual orientation, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
#J-18808-Ljbffr