Director of Infrastructure & Information Security

• Location: Dallas, Texas
• Type: Dallas:IT:Direct Hire
• Job #10407

Job Summary:
As the Director of Infrastructure & Information Security for our client, you will lead the management of the organization’s Information Security Risk Management program and oversee its cloud technology environment. Success in this role requires a passion for safeguarding information, a deep understanding of risk prioritization and remediation, and the ability to embed information security within an overall risk management and governance framework.

This dynamic position involves leading cyber risk governance, security operations, and cloud infrastructure management through a combination of internal and external resources. You’ll be hands-on in addressing technical challenges, developing policies and procedures, performing risk assessments, delivering security awareness training, and serving as the organization’s voice for Information Security across a fast-paced and growing enterprise.

Responsibilities:

• Develop, implement, and maintain a comprehensive Information Security Governance and Risk Management Program to protect electronic information assets, including ePHI, PII, and other sensitive data.
• Design, deliver, and support infrastructure and security services for the organization, including cloud systems such as Azure, Microsoft 365, Meraki, ArcticWolf, and related technologies.
• Supervise and manage internal teams, vendors, and external partners supporting the IT and information security functions.
• Monitor, evaluate, and improve information security controls across the organization. Proactively manage risks to protected data and lead efforts to detect, investigate, and respond to security incidents.
• Conduct and document internal and third-party risk assessments regularly, leveraging external partners as necessary.
• Develop and implement appropriate policies, procedures, training, and technical controls to mitigate identified risks.
• Ensure compliance with HIPAA, PII, and other regulatory or accreditation requirements related to information security.
• Collaborate with leadership and legal counsel to manage data incident response and breach notification activities, ensuring proper documentation and follow-up.
• Develop and maintain an organization-wide information security education and awareness program for all employees and stakeholders.

Qualifications:
Education

• Bachelor’s degree in Information Technology, Information Security, or a related field.
• CHPSE, CISSP, and/or CCSFP certification preferred, or willingness to obtain one.

Experience

• Minimum of 7 years of progressive experience in IT infrastructure, healthcare privacy, and information security management.
• Skills and Competencies
• Proven expertise in information security within regulated industries, particularly healthcare.
• Strong technical acumen and hands-on experience in infrastructure, security operations, and cloud technologies.
• Experience with Microsoft Azure, Microsoft 365, Intune, Kaseya, Arctic Wolf, MaaS365, or similar systems.
• Demonstrated success in building and managing high-performing teams.
• Proficiency in project and process management methodologies and tools.
• Exceptional communication, leadership, and collaboration skills.
• Willingness to work in a hands-on, fast-paced, and growth-oriented environment.