- Company Name
- Pacific Health Group
- Job Title
- IT Director
- Job Description
Job Title: IT Director
Role Summary: Lead the organization’s end‑to‑end IT and information security function, ensuring secure, HIPAA‑compliant technology infrastructure and data protection across all operations.
Expectations: Deliver robust security governance, maintain regulatory compliance, manage incident response, optimize IT infrastructure, and advise executive leadership on technology strategy and risk.
Key Responsibilities:
- Architect, implement, and govern a comprehensive Information Security Program, defining controls for applications, infrastructure, devices, and users.
- Enforce data classification, encryption, access control, logging, monitoring, and retention policies; implement zero‑trust and least‑privilege principles.
- Serve as the internal authority for HIPAA Security and Privacy Rule compliance: conduct risk assessments, remediation plans, maintain audit evidence, and supervise Business Associate Agreements.
- Own IT infrastructure design and maintenance: cloud platforms, networks, end‑user devices, SaaS, backup, DR, business continuity, redundancy, and deployment governance.
- Lead cybersecurity operations: develop incident response plans, manage breaches, conduct root‑cause analysis, maintain monitoring and alerting systems, and ensure compliance with breach‑notification laws.
- Protect sensitive data: apply encryption standards, govern data access, sharing, and retention; collaborate with legal/compliance on privacy matters.
- Evaluate and manage third‑party vendor risk: secure procurement, ongoing oversight, and contractual compliance.
- Create and enforce IT/security policies, deliver security awareness training, investigate violations, and maintain a culture of security.
- Prepare and present security risk, compliance, incident, and improvement reports to executive leadership; provide strategic recommendations on technology investments and risk trade‑offs.
Required Skills: Strategic IT leadership, cloud security, network & endpoint protection, identity & access management, incident response, risk assessment, policy development, vendor management, executive communication, and cross‑functional collaboration.
Required Education & Certifications: Bachelor’s (or higher) in Information Technology, Computer Science, or related field; professional certifications—CISSP, CISM, or equivalent—with extensive experience in healthcare IT or cybersecurity leadership.