Information Security, Director at Nightingale College

Director, Information Security

The target hiring range for this position is $165,000-$185,000.

Position Summary:

The Director of Information Security will oversee and manage all aspects of the organization’s information security program, ensuring the confidentiality, integrity, and availability of company systems, data, and operations. This role requires a leader who can develop strategic security initiatives while collaborating closely with departments across the company and mentoring junior team members.

Role and Responsibilities:

1) Information Security Program Leadership

• Develop, implement, and maintain a comprehensive information security program aligned with business objectives and industry best practices.
• Establish, review, and enforce security policies, procedures, and standards to address organizational risks and compliance requirements

2) Vulnerability Management

• Oversee regular vulnerability scans, assessments, and remediation efforts.
• Ensure monthly or quarterly vulnerability metrics are reported and risks are appropriately mitigated.

3) Third-Party Risk Management

• Lead the evaluation and monitoring of third-party vendors to ensure compliance with security standards.
  
• Collaborate with procurement and legal teams to enforce security requirements in vendor contracts.
  

4) Cloud Security

• Design, implement, and maintain security controls specifically for AWS environments.
  
• Monitor access control, encryption policies, and configurations to secure cloud-based systems.

5) Incident Management

• Develop and manage the incident response program, including playbooks, escalation procedures, and post-incident reviews.
  
• Coordinate with internal teams and external partners during security incidents to ensure timely resolution.
  

6) Policies, Procedures, and Compliance

• Draft, update, and enforce security policies and procedures to meet organizational needs and regulatory requirements.
  
• Ensure compliance with relevant frameworks, including NIST CSF, ISO 27001, GLBA, and FERPA.
  
• Conduct regular audits to verify adherence to policies and identify areas for improvement.
  

7) Security Awareness and Training

• Create and implement a security awareness training program for employees at all levels.
  
• Conduct regular phishing simulations and provide metrics on awareness improvements.
  

8) Collaboration Across the Organization

• Partner with departments such as HR, Finance, Legal, and Operations to integrate security into business processes.
  
• Serve as a trusted advisor to leadership teams on security-related matters and ensure security measures support operational goals.
  

9) Mentorship and Team Development

• Train, mentor, and support the professional growth of junior security team members.
  
• Foster a culture of continuous learning and improvement within the team.
  

10) Other Responsibilities

• Stay up to date on emerging threats and technologies to adjust the security posture as needed.
  
• Regularly communicate security program progress and challenges to the CIO and executive leadership.

Qualifications and Education Requirements:

Education: Bachelor’s degree in Information Security, Information Systems, Computer Science, or a related field (Master’s degree preferred).

Experience:

• 10+ years of progressive experience in information security, including at least 5 years in a leadership role.
  

• Hands-on experience with vulnerability management tools, detection and response, risk management, AWS cloud security, incident response, and leading teams.

Certifications: CISSP, CISM, CISA, or other relevant certifications are highly desirable.

Skills: Strong understanding of security frameworks such as NIST CSF, ISO 27001, or CIS Controls.

• Knowledge of regulatory requirements, including GLBA and FERPA.
  
• Excellent communication and leadership skills with the ability to collaborate across departments and convey technical concepts to non-technical stakeholders.

All new hires are required to attend New Collaborator Orientation (NCO) in Salt Lake City, Utah. The College will pay for travel and lodging accommodations.

Nightingale’s commitment to diversity and inclusion is reflected both in our learners and collaborators because we believe the best outcomes for learners from underserved and diverse populations are achieved through collaborators with similar backgrounds and cultures. Nightingale College is an equal opportunity employer.

Our Mission (not just words on the wall, we live it, love it, and daily contribute to it): With the primary focus on higher learning in healthcare professions, Nightingale College contributes to elevating education, health, and employment systems through facilitation of academic achievement, personal growth, and professional development of its learners, alumni, and collaborators, while serving diverse communities.

At Nightingale College, our Innovative Education model helps transform rural health landscapes through our blended-distance learning platform. Every person involved with Nightingale College helps to change the lives of our learners, our communities, and ultimately the world by adding to the quality of healthcare. We are proud to have graduated over 3,400 nurses serving communities in need. We are serious about our outcomes and have a little bit of fun getting there.

The professional and personal development of our learners and our collaborators is our company’s foundation. Not only do we develop strategies that promote a positive work-life integration, but we also create an environment that invites you to become an expert in your field, be it through higher education or professional development. Put simply, we elevate employment, elevate health, and elevate education. We’re so happy that you’ve found us!