Position Title
Director, Cybersecurity Compliance
Job Description
Purpose & Scope:
The Director of Cybersecurity Compliance leads the healthcare organization's information security governance, risk, and compliance (GRC) program. This role is accountable for defining regulatory requirements, establishing risk management frameworks, and independently assessing the effectiveness of cybersecurity controls to ensure alignment with healthcare regulations, patient privacy obligations, and industry standards.
This leader serves as the independent oversight function for cybersecurity, ensuring that controls implemented by cybersecurity and IT teams meet regulatory, audit, and risk expectations without introducing bias from operational ownership. The Director partners closely with cybersecurity operations, clinical leadership, legal, and compliance to embed security and compliance into workflows while maintaining safe and uninterrupted patient care.
Education:
Bachelor's degree in Information Security, Information Technology, Healthcare Administration, or related field. Master's preferred.
Experience:
10+ years of experience in IT security, risk, or compliance, with significant experience in healthcare
5+ years in a leadership role within a healthcare or regulated environment
Knowledge and Skills
- Deep knowledge of healthcare regulations (HIPAA/HITECH) and security frameworks (NIST, HITRUST, ISO)
- Strong understanding of risk management methodologies and audit practices
- Experience with GRC platforms and compliance tooling
- Ability to independently assess control effectiveness and identify gaps
- Strong understanding of PHI handling, privacy requirements, and breach response obligations
- Ability to translate regulatory requirements into practical governance structures
Certification/Licensure:
- CISSP, CISM, CISA, or CRISC, preferred
- HCISPP (Healthcare Information Security and Privacy Practitioner), preferred
- HITRUST CCSFP, preferred
Additional Job Description
At VHC Health, every role contributes to exceptional care, better outcomes, and stronger communities.
In addition to your base compensation, VHC Health offers a comprehensive benefits package, including medical, dental, and vision coverage (subject to eligibility requirements), as well as additional wellness and retirement benefits designed to support our employees and their families.
VHC Health is committed to wage transparency and equitable pay practices. The compensation offered for this position-whether expressed as an annual salary or hourly rate-is determined based on a variety of legitimate, non-discriminatory factors. These factors include, but are not limited to, a candidate's qualifications, relevant training and experience, skill level, shift differentials (where applicable), internal equity, and current market conditions.
The posted hiring range reflects the range VHC Health, in good faith, believes is appropriate for this role at the time of posting. This range may be adjusted in the future based on business needs or market changes. No portion of compensation is considered earned until it is vested and determined in accordance with the terms of applicable policies and benefit plans. The availability and amount of any bonuses, incentives, or other benefits are subject to the terms of those plans and may be modified at the sole discretion of VHC Health, in accordance with applicable law.
VHC Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender identity or expression, marital status, national or ethnic origin, political affiliation, pregnancy (including childbirth, pregnancy-related conditions and lactation), race, religion, sex, sexual orientation, veteran status, genetic information, or any other characteristics protected by law.
VHC Health maintains a drug-free workplace. The unlawful manufacture, distribution, dispensing, possession, or use of a controlled substance is prohibited at all VHC Health locations.