Director of Information Security

• Provide strategic leadership and oversight of the organization’s Information Security and Cybersecurity programs. 

• Lead cross-functional security and fraud prevention initiatives, ensuring alignment with business objectives and regulatory requirements. 

• Prepare and present clear, data-driven reports and presentations on security and fraud trends to executive leadership and stakeholders. 

• Stay current with emerging security technologies, fraud prevention practices, and industry trends, and make strategic recommendations for adoption. 

• Ensure the confidentiality, integrity, and availability of sensitive information in alignment with organizational trust and compliance standards. 

• Lead and mentor a small, high-performing Information Security team, fostering professional growth and accountability. 

• Direct and oversee security awareness and training programs to promote a culture of security across the organization. 

• Ensure effective auditing processes are in place for system logs and user access privileges to identify and mitigate potential risks. 

• Lead the organization’s response to cybersecurity incidents, coordinating cross-functional efforts and ensuring timely resolution. 

• Lead threat modeling and security design reviews for new systems and infrastructure changes. 

• Own the security response process for Sales RFPs, ensuring timely and accurate completion of security-related questionnaires. 

• Serve as the primary liaison between Technology and business units, ensuring fraud prevention and InfoSec initiatives are effectively integrated across the organization. 

• Oversee ITEL (Information Technology and Enterprise Logging) functions, ensuring systems are optimized for fraud detection and security monitoring. 

• Monitor and investigate transactions, accounts, and affiliate networks using internal and external tools to detect and document fraudulent activity and trends. 

• Conduct enterprise-level risk assessments and develop fraud prevention strategies tailored to evolving threats and business needs. 

• Maintain and enhance fraud analysis models to improve detection efficiency and system effectiveness. 

• Collaborate with Operations and other departments to develop strategies for identifying anomalies and integrating fraud prevention into business processes. 

• Design and implement secure architecture for networks, systems, and applications to prevent vulnerabilities and ensure scalability. 

• Collaborate with IT and DevOps to embed security into CI/CD pipelines and cloud infrastructure. 

• Evaluate and recommend security technologies (e.g., zero trust, micro segmentation, identity federation) to strengthen enterprise posture. 

• Develop and maintain security policies, standards, and procedures aligned with regulatory requirements and industry best practices. 

• Own and manage the execution of annual security assessments, including SOC audits, penetration testing, and vendor security reviews. 

• Ensure compliance with HIPAA, HITECH, and other privacy regulations, including breach notification protocols and data handling standards. 

• Oversee privacy impact assessments (PIAs) and data protection strategies for systems processing PII. 

• Serve as a security lead for audits and regulatory inquiries related to protected health information (PHI) and sensitive personal data. 

• Implement and monitor safeguards for electronic PHI (ePHI), including encryption, access controls, and secure transmission protocols. 

• of sensitive information in alignment with organizational trust and compliance standards. 

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field; advanced degree (e.g., MBA, MS in Cybersecurity) preferred. 

• Formal training or certification in Data Forensics, Information Security, or Ethical Hacking. 

• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Fraud Examiner (CFE), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP). 

• 10+ years of progressive experience in Information Security, Risk Management, or Fraud Detection, with at least 3–5 years in a leadership or strategic role. 

• Proven ability to develop and implement enterprise-wide security strategies, policies, and governance frameworks. 

• Experience leading incident response, threat intelligence, and vulnerability management programs. 

• Strong background in security architecture, network security, and application security across hybrid environments (on-prem, cloud, SaaS). 

• Demonstrated success in building and mentoring high-performing security teams. 

• Ability to communicate complex security concepts to executive leadership and non-technical stakeholders. 

• Experience managing cross-functional collaboration with IT, legal, compliance, and business units. 

• Skilled in budget planning, vendor management, and contract negotiation for security technologies and services. 

• Deep understanding of fraud detection methodologies, data analytics, and pattern recognition in large datasets. 

• Familiarity with security technologies including SIEM, firewalls, IDS/IPS, endpoint protection, and access control systems. 

• Knowledge of regulatory frameworks such as ISO/SAE, HIPAA, SOX, GDPR, PCI-DSS, and NIST. 

• Experience conducting risk assessments, audits, and compliance reviews in financial services, healthcare, or e-commerce environments. 

• Impact: Play a pivotal role in supporting employers and employees nationwide.
• Growth: Advance your skills with a team committed to excellence and innovation.
• Culture: Join a company that values collaboration, innovation, and customer-first solutions.

• Competitive Salary Range: $120,000.00 - $160,000.00 Annually
• Generous health benefits
• Company sponsored wellness benefits
•  Complimentary Life Insurance and Long-Term Disability Insurance
• Paid time off
• 6 Paid Holidays & 2 Paid Floating Holidays
• Work from home and hybrid schedules available!

Please visit our career page and apply directly: www.naviabenefits.com/workatnavia

Not all positions allow for remote work, but those that do will only be available in the following states: AZ, CO, FL, GA, IL, IN, KS, MI, MN, MO, MT, NC, ND, NE, NJ, NV, NY, OH, PA, SD, TN, TX, UT.

Powered by JazzHR