Director, Information Technology Governance
Point C is a National third-party administrator (TPA) with local market presence that delivers customized self-funded benefit programs. Our commitment and partnership means thinking beyond the typical solutions in the market – to do more for clients – and take them beyond the standard “Point A to Point B.” We have researched the most effective cost containment strategies and are driving down the cost of plans with innovative solutions such as, network and payment integrity, pharmacy benefits and care management. There are many companies with a mission. We are a mission with a company.
The Director, Information Technology Governance & Risk Management will lead Point C’s IT security governance program, reporting to the CISO. This role is responsible for developing and managing security policies, overseeing risk and compliance initiatives, and ensuring alignment with HIPAA, HITRUST, and SOC 2.
This leader will drive security awareness, vendor risk management, and enterprise risk governance while translating regulatory requirements into practical, scalable processes.
Key Responsibilities
Lead IT governance, including policy development, lifecycle management, and governance committee oversight
Maintain an auditable policy library with structured review and approval processes
Align security policies with HIPAA, HITRUST, SOC 2, and other regulatory frameworks
Translate audit findings into actionable controls and remediation plans
Own the IT security awareness and training program, including role-based training and phishing simulations
Oversee vendor and third-party risk management, including due diligence, risk assessments, and ongoing monitoring
Manage the IT risk register and drive risk mitigation strategies with executive reporting
Support audit readiness through control testing, reporting, and coordination of internal/external audits
Promote adoption of enterprise security standards across identity, access, and data protection
Qualifications
8+ years in information security, IT governance, or risk management
3+ years leading governance or compliance programs in healthcare or regulated industries
Experience with HITRUST, SOC 2 Type II, and HIPAA
Proven experience building policy, awareness, and vendor risk programs
Strong risk management, stakeholder communication, and executive reporting skills
CISA, CISSP, CRISC, or CISM preferred
Individual compensation will be commensurate with the candidate's experience and qualifications. Certain roles may be eligible for additional compensation, including bonuses, and merit increases. Additionally, certain roles have the opportunity to receive sales commissions that are based on the terms of the sales commission plan applicable to the role.Pay Transparency$140,000—$165,000 USDBenefits:
Comprehensive medical, dental, vision, and life insurance coverage
401(k) retirement plan with employer match
Health Savings Account (HSA) & Flexible Spending Accounts (FSAs)
Paid time off (PTO) and disability leave
Employee Assistance Program (EAP)
Equal Employment Opportunity: At Point C Health, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business—and our society—stronger. Point C Health is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law.
Apply Now
The Director, Information Technology Governance & Risk Management will lead Point C’s IT security governance program, reporting to the CISO. This role is responsible for developing and managing security policies, overseeing risk and compliance initiatives, and ensuring alignment with HIPAA, HITRUST, and SOC 2.
This leader will drive security awareness, vendor risk management, and enterprise risk governance while translating regulatory requirements into practical, scalable processes.
Key Responsibilities
Lead IT governance, including policy development, lifecycle management, and governance committee oversight
Maintain an auditable policy library with structured review and approval processes
Align security policies with HIPAA, HITRUST, SOC 2, and other regulatory frameworks
Translate audit findings into actionable controls and remediation plans
Own the IT security awareness and training program, including role-based training and phishing simulations
Oversee vendor and third-party risk management, including due diligence, risk assessments, and ongoing monitoring
Manage the IT risk register and drive risk mitigation strategies with executive reporting
Support audit readiness through control testing, reporting, and coordination of internal/external audits
Promote adoption of enterprise security standards across identity, access, and data protection
Qualifications
8+ years in information security, IT governance, or risk management
3+ years leading governance or compliance programs in healthcare or regulated industries
Experience with HITRUST, SOC 2 Type II, and HIPAA
Proven experience building policy, awareness, and vendor risk programs
Strong risk management, stakeholder communication, and executive reporting skills
CISA, CISSP, CRISC, or CISM preferred
Individual compensation will be commensurate with the candidate's experience and qualifications. Certain roles may be eligible for additional compensation, including bonuses, and merit increases. Additionally, certain roles have the opportunity to receive sales commissions that are based on the terms of the sales commission plan applicable to the role.Pay Transparency$140,000—$165,000 USDBenefits:
Comprehensive medical, dental, vision, and life insurance coverage
401(k) retirement plan with employer match
Health Savings Account (HSA) & Flexible Spending Accounts (FSAs)
Paid time off (PTO) and disability leave
Employee Assistance Program (EAP)
Equal Employment Opportunity: At Point C Health, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business—and our society—stronger. Point C Health is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law.
Apply Now