Director, Cybersecurity

Make a difference. Be happy. Grow your career.

The Role

Nordic is a full-service consultancy firm focusing on health care and technology. We are looking for a collaborative, entrepreneurial leader who brings deep healthcare security expertise, a consulting mindset, and a passion for building high-impact teams.  This is a strategic  role responsible for helping to shape the direction of our cybersecurity service offerings, leading client delivery engagements, developing solutions when needed, and positioning the firm as a trusted leader in healthcare risk advisory services.

Key Areas

Client Delivery & Executive Oversight: Lead and oversee high-impact client engagements to ensure quality, consistency, and value delivery; serve as a trusted advisor to provider executives and health IT leadership teams.

Delivery Quality and Solution Ownership: Deliver high-quality consulting services to strategic clients, developing and implementing solution-based tools and solutions when needed.

Market Presence & Thought Leadership: Represent the firm in industry forums, contribute to thought leadership, and collaborate with business development teams to position the firm as a leader in healthcare cybersecurity and GRC.

Key Responsibilities

The Director, Cybersecurity Services, will have the following key responsibilities, which include but are not limited to:

Practice Leadership

• Define and refine the vision, strategy, and roadmap for the Cybersecurity & GRC practice.
• Expand core services, such as HIPAA security assessments, GRC services, policy development, third-party risk management, security program design, IAM, and other services as identified.
• Collaborate across service lines to ensure an integrated advisory offering to our healthcare clients.

Engagement Delivery & Quality Oversight

• Lead critical engagements, as a solo consultant, or as a team leader and ensure quality of deliverables and client satisfaction
• Guide teams in applying risk-based frameworks (e.g., NIST, HITRUST, HIPAA) to client environments.
• Provide input into solution development and delivery models.

Internal Development & Growth

• Partner with business development and client account teams to pursue growth opportunities.
• Contribute to proposals, presentations, and capability development across the firm.
• Mentor and coach team members, identify staffing needs, and help build a high-performing bench of cybersecurity and GRC consultants in relation to sales pipeline growth.

Thought Leadership & Market Positioning

• Facilitate research and identify relationships/partnerships that could be supportive of Nordic solutions
• Stay current on emerging risks, healthcare regulations, and cybersecurity trends relevant to our clients.

Qualifications:

Required:

• 10+ years in cybersecurity, information risk, or GRC roles with at least 5 years in healthcare consulting or provider environments.
• Expertise in HIPAA, HITECH, NIST CSF, HITRUST CSF, and healthcare regulatory frameworks.
• Strong leadership, client-facing, and team development skills.
• Experience leading complex cybersecurity consulting engagements
• Demonstrated ability to scope, lead, and deliver security engagements for provider clients.

Preferred:

• Previous experience leading or co-leading a service line or consulting practice.
• Previous CISO-level experience/leadership in a hosptial organization
• Certifications such as CISSP, CISM, CRISC, or HITRUST CCSFP.
• Familiarity with firm operations, business development processes, and delivery methodology.

Additional details

• 70% remote position
• Travel up to 30% of the time, including to the Nordic home office in Madison, WI and client sites when needed.

Nordic is an equal opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, marital or veteran status, or any other protected status under applicable federal, state, or local laws. We encourage individuals of all backgrounds to apply, including women, minorities, individuals with disabilities, and veterans.