Point C

Director, Information Technology Governance

Point C

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $140,000 - $165,000 per year

Job Level

Lead

About the role

  • Lead IT governance, including policy development, lifecycle management, and governance committee oversight
  • Maintain an auditable policy library with structured review and approval processes
  • Align security policies with HIPAA, HITRUST, SOC 2, and other regulatory frameworks
  • Translate audit findings into actionable controls and remediation plans
  • Own the IT security awareness and training program, including role-based training and phishing simulations
  • Oversee vendor and third-party risk management, including due diligence, risk assessments, and ongoing monitoring
  • Manage the IT risk register and drive risk mitigation strategies with executive reporting
  • Support audit readiness through control testing, reporting, and coordination of internal/external audits
  • Promote adoption of enterprise security standards across identity, access, and data protection

Requirements

  • 8+ years in information security, IT governance, or risk management
  • 3+ years leading governance or compliance programs in healthcare or regulated industries
  • Experience with HITRUST, SOC 2 Type II, and HIPAA
  • Proven experience building policy, awareness, and vendor risk programs
  • Strong risk management, stakeholder communication, and executive reporting skills
  • CISA, CISSP, CRISC, or CISM preferred
Benefits
  • Comprehensive medical, dental, vision, and life insurance coverage
  • 401(k) retirement plan with employer match
  • Health Savings Account (HSA) & Flexible Spending Accounts (FSAs)
  • Paid time off (PTO) and disability leave
  • Employee Assistance Program (EAP)
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
IT governancepolicy developmentlifecycle managementrisk assessmentscontrol testingremediation plansvendor risk managementsecurity policies alignmentaudit readinessrisk mitigation strategies
Soft Skills
stakeholder communicationexecutive reportingleadershiporganizational skillstraining program management
Certifications
CISACISSPCRISCCISM