Logo for Ensemble Health Partners

Director, Cybersecurity

Role overview

Qualifications

  • 5+ years of experience in cybersecurity governance, risk management, or compliance
  • Relevant certification preferred (e.g., CISSP, CISM, CRISC, or CISA)
  • Experience with risk management frameworks such as NIST CSF, ISO 27001, or COBIT
  • Strong communication and presentation skills

Responsibilities

  • Develop and implement a comprehensive cybersecurity governance, risk, and compliance program.
  • Conduct enterprise-wide cybersecurity risk assessments, including third-party and vendor risk.
  • Manage internal and external audits and regulatory assessments.
  • Train relevant staff regarding cybersecurity governance, risk, and compliance best practices.

Key facts

Other skills

  • Governance
  • Security Policies
  • Analytical Skills
  • Critical Thinking
  • Communication
  • Teamwork
  • Time Management
  • Accountability

About the company

Ensemble Health Partners logo

Ensemble Health Partners

Digital Health & Health Tech

Ensemble manages more than $35 billion in net patient revenue (NPR) and partners with more unique health systems than any other revenue cycle firm to deliver holistic financial health solutions through end-to-end managed services partnerships. The firm helps providers maximize their current technology and deploys industry-leading solutions to meet the unique needs of their systems and patients. Ensemble focuses on delivering value quickly and sustaining high performance, meeting 100% of year-one client goals, exceeding 102% of year-one cash collections and delivering 5% average NPR lift across clients.

Company details

Company typeXLarge
IndustryDigital Health & Health Tech
Company size10001

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Thank you for considering a career at Ensemble!

Ensemble is a leading provider of technology-enabled revenue cycle management solutions for health systems, including hospitals and affiliated physician groups. They offer end-to-end revenue cycle solutions as well as a comprehensive suite of point solutions to clients across the country.

Ensemble keeps communities healthy by keeping hospitals healthy. We recognize that healthcare requires a human touch, and we believe that every touch should be meaningful. This is why our people are the most important part of who we are. By empowering them to challenge the status quo, we know they will be the difference!

O.N.E Purpose:

  • Customer Obsession: Consistently provide exceptional experiences for our clients, patients, and colleagues by understanding their needs and exceeding their expectations.

  • Embracing New Ideas: Continuously innovate by embracing emerging technology and fostering a culture of creativity and experimentation.

  • Striving for Excellence: Execute at a high level by demonstrating our “Best in KLAS” Ensemble Difference Principles and consistently delivering outstanding results.

The Opportunity:

The Director, Cybersecurity Governance, Risk and Compliance (GRC) leads a team of security professionals in the development and implementation of an enterprise-wide cybersecurity governance, risk management, and compliance program. This includes leading the development of security policies and standards, managing enterprise and third-party risk assessments, and overseeing regulatory and industry compliance efforts. The Director will also be responsible for maintaining compliance with all applicable industry regulations and standards and for reporting on the organization's cybersecurity risk posture to executive leadership.

Job Competencies

  • Valuing Differences - Works effectively with individuals of diverse cultures, interpersonal styles, abilities, motivations, or backgrounds; seeks out and uses unique abilities, insights, and ideas. Considers the collective.
  • Collaboration - Works cooperatively within teams and partners with others, both internally and externally as needed, to achieve success; focuses on the results of the team, not the achievements of one person. It’s “All for One and One for All”
  • Accountability - Accepts personal responsibility and/or consequences of failure and successes, delivering on commitments and refocusing effort when needed. Someone who is willing to step up and own it.
  • Time Management - Effectively manages personal time and resources to ensure that work is completed efficiently.
  • Developing Trust - Gains others’ confidence by acting with integrity and following through on commitments; treats others and their ideas with respect and supports them in the face of challenges
  • Takes Initiative - Takes prompt action to accomplish goals and achieve results beyond what is required; is proactive and pursues relentlessly.

Essential Job Functions

  • Develop and implement a comprehensive cybersecurity governance, risk, and compliance (GRC) program that includes risk management, regulatory compliance, and policy governance.
  • Work with other departments to ensure risk management and compliance requirements are integrated into all enterprise functions.
  • Conduct enterprise-wide cybersecurity risk assessments, including third-party and vendor risk, across all in-scope systems and business units.
  • Develop and maintain relevant security policies and procedures
  • Train relevant staff regarding cybersecurity governance, risk, and compliance best practices and stay up to date on the latest regulatory requirements and industry trends.
  • Manage internal and external audits and regulatory assessments, and develop reporting on the organization's cybersecurity risk posture and compliance status for executive leadership and the board.

Other Preferred Knowledge, Skills and Abilities

  • 5+ years of experience in cybersecurity governance, risk management, or compliance
  • Relevant certification preferred (e.g., CISSP, CISM, CRISC, or CISA) and experience with risk management frameworks such as NIST CSF, ISO 27001, or COBIT
  • Hands-on experience with GRC platforms and tools (e.g., Archer, ServiceNow GRC, OneTrust, AuditBoard, or LogicGate)
  • Experience establishing and maintaining an Information Security Management System (ISMS)
  • Experience working with cross-functional teams to implement governance and risk management practices
  • Experience maintaining compliance with industry regulations and standards (e.g., HIPAA, SOC 2, PCI-DSS, GDPR)
  • Strong communication and presentation skills
  • Ability to work independently and lead a highly skilled GRC team
  • Strong analytical and critical thinking skills
  • Ability to work under pressure and meet deadlines
  • This position pays between $148,000-$267,840 based on experience
  • Must be inquisitive and demonstrate openness to innovation including AI to explore better processes and ways to alleviate friction and improve patient and client experiences.
  • This is a remote position; however, candidates must be willing and able to travel to and work onsite at client, temporary, or corporate office locations as business needs require.

This posting addresses s state specific requirements to provide pay transparency.  Compensation decisions consider many job-related factors, including but not limited to geographic location; knowledge; skills; relevant experience; education; licensure; internal equity; time in position.  A candidate entry rate of pay does not typically fall at the minimum or maximum of the role’s range.

#LI-LP1

#LI-Remote

Join an award-winning company

Five-time winner of “Best in KLAS” 2020-2022, 2024-2025

Black Book Research's Top Revenue Cycle Management Outsourcing Solution 2021-2024

22 Healthcare Financial Management Association (HFMA) MAP Awards for High Performance in Revenue Cycle 2019-2024

Leader in Everest Group's RCM Operations PEAK Matrix Assessment 2024

Clarivate Healthcare Business Insights (HBI) Revenue Cycle Awards for strong performance 2020, 2022-2023

Energage Top Workplaces USA 2022-2024

Fortune Media Best Workplaces in Healthcare 2024

Monster Top Workplace for Remote Work 2024

Great Place to Work certified 2023-2024

  • Innovation

  • Work-Life Flexibility

  • Leadership

  • Purpose + Values

Bottom line, we believe in empowering people and giving them the tools and resources needed to thrive. A few of those include:

  • Associate Benefits –  We offer a comprehensive benefits package designed to support the physical, emotional, and financial health of you and your family, including healthcare, time off, retirement, and well-being programs. 

  • Our Culture – Ensemble is a place where associates can do their best work and be their best selves. We put people first, last and always. Our culture is rooted in collaboration, growth, and innovation.  

  • Growth – We invest in your professional development. Each associate will earn a professional certification relevant to their field and can obtain tuition reimbursement. 

  • Recognition – We offer quarterly and annual incentive programs for all employees who go beyond and keep raising the bar for themselves and the company. 

Ensemble is an equal employment opportunity employer. It is our policy not to discriminate against any applicant or employee based on race, color, sex, sexual orientation, gender, gender identity, religion, national origin, age, disability, military or veteran status, genetic information or any other basis protected by applicable federal, state, or local laws.  Ensemble also prohibits harassment of applicants or employees based on any of these protected categories.

Ensemble provides reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act and applicable state and local law. If you require accommodation in the application process, please contact TA@ensemblehp.com.

This posting addresses state specific requirements to provide pay transparency.  Compensation decisions consider many job-related factors, including but not limited to geographic location; knowledge; skills; relevant experience; education; licensure; internal equity; time in position.  A candidate entry rate of pay does not typically fall at the minimum or maximum of the role’s range.

Employment Disclaimers – Ensemble

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Cybersecurity Advisor Related jobs

Other jobs at Ensemble Health Partners

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.