Director, IT Security

Join to apply for the Director, IT Security role at Med Vet
.

Med Vet is the largest family of emergency and specialty hospitals owned and led by veterinarians. This distinction means we place the needs of our team first and have unique insight into the challenges our caregivers face and what’s needed to provide the best specialty and emergency medicine every time, every day, to everyone.

The Director of IT Security is responsible for establishing, implementing, and governing the organization’s cybersecurity strategy, policies, and controls to protect information assets, ensure business continuity, and support regulatory compliance. This leader provides strategic direction, operational oversight, risk management leadership, and cross‑functional partnership to safeguard the confidentiality, integrity, and availability of systems, networks, applications, and data. The ideal candidate is a highly technical, business‑savvy security executive capable of balancing strong governance with practical, scalable execution.

• Develop and execute the enterprise cybersecurity strategy aligned with organizational goals.
• Lead the design and maturity of the organization’s security program, roadmap, and governance structure.
• Provide executive leadership, guidance, and reporting to senior leadership regarding cybersecurity risk posture, initiatives, and incidents.
• Establish security KPIs, maturity benchmarks, and reporting dashboards.

• Own the enterprise risk management practices for cybersecurity, including ongoing risk assessment, mitigation strategies, and executive reporting.
• Develop, maintain, and enforce security policies, standards, and procedures.
• Oversee vendor and third‑party security risk evaluation.
• Ensure compliance with applicable regulatory and industry requirements (e.g., PCI‑DSS, NIST, and state privacy laws, etc., as applicable).

• Lead security operations including threat detection, incident monitoring, vulnerability management, and response.
• Oversee EDR, SIEM, identity management, zero‑trust initiatives, data loss prevention, email protection, network segmentation, and other core security controls.
• Direct responses to cybersecurity incidents, including triage, containment, investigation, recovery, communication, and post‑incident review.
• Partner with IT Infrastructure and Application teams to embed security‑by‑design across technology initiatives.

• Lead enterprise identity strategy including authentication, authorization, SSO/MFA, privileged access, and lifecycle governance.
• Develop and implement data protection programs including encryption, DLP, data governance, and secure information handling.

• Oversee disaster recovery and business continuity frameworks, ensuring resilience planning, testing, and readiness.
• Ensure crisis management playbooks, tabletop exercises, and executive readiness programs are in place.

• Lead, mentor, and develop high‑performing security teams and managed service partners.
• Build strong partnerships across IT, Compliance, Legal, HR, Clinical/Operations, and Executive Leadership.
• Serve as a trusted advisor and champion for security culture, awareness, and training initiatives enterprise wide.

• Bachelor’s Degree in Information Security, Computer Science, Information Systems, or related discipline; equivalent experience considered.
• Proven experience building and leading enterprise cybersecurity programs in mid‑to‑large scale environments.
• Deep knowledge of security frameworks and standards (NIST CSF, ISO 27001, CIS Controls, Zero Trust, etc.).
• Demonstrated expertise in incident response, risk management, vulnerability management, identity security, and modern cloud security.
• Experience working with executive leadership and presenting risk posture at a senior level.
• Certifications strongly preferred: CISSP, CISM, CISA, CCSP, CRISC, or equivalent.

• Experience in multi‑site or geographically distributed organizations.
• Experience in healthcare, financial services, or other highly regulated environment (if applicable).
• Experience leading outsourced or hybrid security program models (MDR, SOC providers, managed SIEM, etc.).
• Strong understanding of Microsoft 365, Azure, cloud platforms, and modern enterprise environments.

Med Vet offers competitive compensation and full benefits package, including paid time off, health insurance, dental, vision, and 401(k).

Come as you are. Med Vet is an equal opportunity employer. We are also a drug‑free organization; therefore, employment with Med Vet is dependent upon the passing of a drug screen and background check.

Med Vet does not accept unsolicited resumes from third‑party recruiters.