Goldstone Partners, Inc.

Senior Director – Information Security and Risk Management

full-time

Origin:  • 🇺🇸 United States • Illinois


Salary

💰 $170,000 - $185,000 per year

Job Level

Senior

Tech Stack

AWS, Azure, Cloud

About the role

  • Overseeing all aspects of information security, including application security, infrastructure security, SOC operations, incident response, and third-party risk management
  • Serving as a trusted advisor to executive leadership on security posture, risk, and enterprise resilience
  • Defining and executing the company’s security strategy aligned with business objectives — building a proactive security posture that protects systems, data, and customers
  • Leading major incident response efforts, from technical containment to executive and board-level communications
  • Partnering with IT, DevOps, and business units to embed security into technology, systems, and business processes
  • Managing SOC operations, threat detection, and secure design of systems, applications, and cloud environments (AWS, Azure)
  • Ensuring adherence to leading security and compliance frameworks, including HIPAA, HITECH, FedRAMP, SOC 2, ISO 27001, and PCI DSS
  • Supporting compliance teams by providing technical security expertise during audits and assessments
  • Building the foundation for a scalable security organization — positioning yourself as a strategic leader!

Requirements

  • Bachelor’s degree in computer science or engineering and 10+ years of professional experience in information security
  • At least 5 years of experience in progressive leadership roles with proven ability to develop talent, lead through others, and drive team performance
  • Demonstrated success leading enterprise-wide security programs, including incident response, SOC operations, and threat detection capabilities
  • Strong knowledge of cloud security architecture (AWS, Azure) and modern security technologies
  • Deep understanding of security and compliance frameworks, including HIPAA, FedRAMP, NIST, CIS benchmarks, SOC 2, and ISO 27001
  • Recognized security certifications such as CISSP or CISM; additional certifications like CISA, CCSP, AWS Security Specialty, or Azure Security Engineer are highly valued
  • Hands-on experience with application and infrastructure security tools, including SAST/DAST, Aikido, Wiz, KnowBe4, and Microsoft Defender
  • Experience in Healthcare IT environments, including SaaS delivery and EHR systems, with a strong grasp of HIPAA/HITECH compliance requirements
  • Executive presence with strong presentation and communication skills to engage and align cross-functional stakeholders
  • Strategic thinker — you can see the big picture while focusing teams on execution and delivery
  • Outcome-focused, results-oriented mindset — a decisive leader who sees challenges as opportunities and approaches work with optimism
  • Applications welcome for those who are US Citizens or hold a Green Card. Principals only, please.