About the role
The IT Director, Cyber Security is responsible for working with project teams, IT groups, and senior leadership to protect sensitive information for the various applications and technologies. This key role is accountable for designing, implementing, managing, and reporting on security controls for the organization.
The Director advances an effective information security management program by maintaining, implementing, and monitoring security-related policies and procedures throughout the company.
This is a hybrid remote role, offering a flexible work arrangement out of either our Raleigh, NC or Vienna, VA offices.
- Manage the delivery of all day-to-day information security operations, policies, architecture, and governance.
- Provide overall information security management direction to the company. Manage all due diligence for the security function and security systems. Identify risks and system needs, define solutions and appropriate standards, and establish security policies and procedures.
- Identify potential risks, threats, and vulnerabilities present in the environment, and develop and provide guidance for appropriate security controls to mitigate them.
- Advise and assist executives with risk management of confidential information, data security, training, and compliance on security matters. Manage the delivery of security operations through multiple security service providers to meet the company’s security needs.
- Develop and execute IT security policy plans and procedures.
- Execute key tasks and projects by the security team, ensuring that they stay on track with goals and timelines.
- Interact internally and externally with senior level management, requiring negotiation of extremely critical matters. Influence policymaking.
- Maintain ownership of the development, compliance and exceptions to information security policies, standards, and procedures.
- Maintain a strategic framework for guiding year-over-year IT investment decisions, defined with sustainable metrics for measuring performance and outcome.
- Manage relationships with 3rd party providers of service delivery and security monitoring and/or tools to ensure assets are being protected.
- Perform risk analysis for corporate functional and technical areas relevant to information security.
- Make recommendations to management on enhancements to existing and new security hardware, software or related tools. Assist in evaluating, planning, configuration, and implementation of new/existing security applications/tools.
- Ensure security best practices are identified and integrated into all facets of the project including network, system designs/configuration, and implementations.
- Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks. Partner with various business areas to enhance security policies/procedures.
- Facilitate internal and external penetration testing and audit participation, where applicable.
- Lead the identification, response, investigation, and remediation of potential breaches of and issues surrounding information security.
- Responsible for executing programs for user awareness, compliance monitoring, and security compliance; maintaining information security devices and software; monitoring compliance procedures; and resolving security policy issues.
- Bachelor’s degree, preferably in Business or Computer Science, or relevant work experience.
- Minimum of 10 years of information security experience in a multi-location retail healthcare domain.
- 5+ years of experience with cloud security solutions and cloud-based architecture (IaaS, PaaS, SaaS).
- Minimum of 4 years of information or IT leadership experience, demonstrating strategic vision and strong business acumen.
- Certifications (one or more): Certificate of Cloud Security Knowledge (CCSK), Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC).
- Knowledge and understanding of relevant legal, regulatory, and privacy requirements, such as the Health Insurance Portability and Accountability Act (HIPAA), Personally Identifiable Information (PII) protection, and the Payment Card Industry (PCI) Data Security Standard.
- Knowledge of common information technology management frameworks such as ISO/IEC 27001, ITIL, COBIT, and NIST.
- Knowledge of information systems security and controls for LAN/Client/Server, UNIX, Windows, SQL Server, as well as e-Commerce and Internet/web technologies.
Growth With Us
- Career Development and Training Opportunities
- Participate in a comprehensive benefits package including medical and dental coverage, tax-free savings plans, life insurance and more
- Participate in our Vision coverage and associate discounts on our products
- Participate in our 401(k) with competitive company match
- Accrue PTO and paid holidays from day one
Introduction | MyEyeDr.
How do you see yourself today? Are you looking for that unique opportunity where you can make a difference in the lives of the patients we serve? MyEyeDr. is a high-growth, premier healthcare company: a total vision care concept with a unique retail experience. Our trusted community doctors and knowledgeable teams are all focused on helping our patients live their best lives by delivering an exceptional, personalized experience to each of our patients in every interaction. Our business model is unlike others in the industry: we make healthcare accessible by welcoming all insurance and providing a great selection of stylish eyewear that meets the diverse needs of our patients.
This role provides a chance for you to build your professional career with an organization that is purposeful and whose values drive actions. You would have the opportunity to prioritize the care of our associates and our patients, to connect the knowledge of our talented teams to our patients’ needs, and to work in a fun, inclusive environment as part of a collaborative team. We are in search of that unique individual who is inspired by a career focused on helping others and providing quality care while continuously growing professionally and improving MyEyeDr. in meaningful ways. If this is you, we encourage you to apply so you can get your journey started with MyEyeDr. where you can help people see, look, and be their very best.
MyEyeDr. is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, religion, sex/gender (including pregnancy), sexual orientation, gender identity or gender expression, age, physical or mental disability, military or protected veteran status, citizenship, familial or marital status, genetics, or any other legally protected category. MyEyeDr. will not tolerate discrimination or harassment based on any of these characteristics.