Talent.com
TRIMEDX
Director, Information SecurityTRIMEDX • Indianapolis, IN, United States
Director, Information Security

Director, Information Security

TRIMEDX • Indianapolis, IN, United States
19 days ago
Job type
  • Full-time
Job description

Director Of Information Security

If you are wondering what makes TRIMEDX different, it's that all of our associates share in a common purpose of serving clients, patients, communities, and each other with equal measures of care and performance.

Everyone is focused on serving the customer and we do that by collaborating and supporting each other

Associates look forward to coming to work each day

Every associate matters and makes a difference

It is truly a culture like no other We hope you will join our team!

The Director of Information Security is a senior leadership position with full programmatic authority over the organization's security posture. This role is accountable for building, maturing, and operating a comprehensive security program organized across five pillars: Governance, Risk and Compliance; Threat and Vulnerability Management; Identity and Access Management; Application and Cloud Security; and Resilience and Incident Response.

This role owns the organizational risk register, drives the compliance posture across ISO 27001 and SOC 2, and makes security decisions within established organizational risk appetite. The Director does not surface risks for others to own; they own the program and report outcomes to senior leadership. They lead a team of security professionals and serve as the primary security authority for engineering, operations, and executive leadership.

As AI tooling and accelerated engineering become central to the business, the Director establishes the governance frameworks and practical guardrails that allow teams to innovate without compromising data integrity or regulatory standing.

Responsibilities

Accountabilities

Owns the organizational risk register as a living management tool that reflects current exposure and drives resource decisions.

Defines what security success looks like for the organization; develops and tracks KPIs that provide senior leadership a transparent, actionable view of risk posture and program ROI.

Leads, develops, and grows the security team across five operational pillars; establishes clear ownership, career paths, and accountability structures.

Shifts the security function from reactive, task-driven operations to a proactive, process-driven culture.

Serves as the organization's primary security authority; makes risk-based decisions independently within agreed organizational risk appetite.

Serves as operational lead during and after security incidents triage, resource coordination, retrospective and escalation to legal counsel and senior leadership per established protocols.

Governance, Risk & Compliance (Pillar 1)

Oversees execution of ISO 27001 and SOC 2 Type II compliance programs as a unified control framework. Leads audit readiness, evidence collection, and control testing.

Governs vendor risk management, including third-party security assessments and ongoing vendor performance against security requirements.

Establishes guardrails for AI/LLM adoption, referencing emerging standards such as ISO/IEC 42001.

Serves as a cross-functional risk consultant to managers and directors, helping them recognize and articulate risk within their own domains.

Standardizes and streamlines the response process for customer security inquiries; develops a library of repeatable, high-quality responses.

Threat & Vulnerability Management (Pillar 2)

Directs vulnerability management operations scanning, prioritization, remediation tracking, and closure verification.

Owns the external threat intelligence program, ensuring the team monitors the threat landscape relevant to the organization's industry.

Oversees penetration testing engagements including scope definition, vendor selection, and findings remediation.

Identity & Access Management (Pillar 3)

Sets IAM strategy and governance including role-based access design, MFA enforcement, privileged access management, and periodic access review cadence.

Ensures the IAM function operates within a defined governance structure with clear strategic direction.

Application & Cloud Security (Pillar 4)

Defines and maintains security baselines for cloud infrastructure (Azure), DevOps pipelines, and application development.

Embeds security guardrails into the development lifecycle as a natural part of engineering not a gate or afterthought.

Owns API security standards and cloud security posture management.

Partners with engineering and architecture to ensure new systems are designed with security first approach to development.

Resilience & Incident Response (Pillar 5)

Owns DR and BCP strategy, annual testing, and tabletop exercises. Ensures recovery objectives are clearly defined, achievable, and aligned with business needs.

Ensures incident response plans are tested and current before they are needed.

Decision Making / Autonomy

Operates with full programmatic authority within the organizational risk appetite makes security decisions independently rather than seeking approval on every call.

Escalates and provides recommendation to senior leadership on issues requiring executive or legal engagement.

Communications / Interactions

Briefs the VP of IT and executive leadership using BLUF (Bottom Line Up Front) communication clear context, current posture, and recommended action.

Represents the security program during M&A due diligence and new customer onboarding, providing accurate and credible security posture assessments.

Translates technical risk into business language that non-technical stakeholders can act on without requiring translation.

Leadership

Leadership: Provide clear direction to ensure collective achievement of goals and objectives. Create an environment of respect, collaboration, and open communication.

Associate Development: Identify and support development needs of direct reports and team members including connecting them to resources both internally and externally to ensure a culture of continuous improvement.

Associate Engagement: Create high levels of employee engagement by understanding organizational and personal drivers that impact drivers and developing action plans that deliver increased engagement.

Performance management: Set clear goals and expectations for teams, monitor, and enable performance and intervene with appropriate action when performance gaps occur and provide timely, honest feedback. Ensure that associates complete assigned actions by required deadlines.

All other duties as assigned.

Skills and Experience

Required Experience

Minimum of 10 years of experience in Information Security or a related field is required. At least 5 years of people management experience leading technical security teams is also required.

Demonstrated track record of building security programs from a reactive state to a proactive, process-driven posture.

Multi-framework compliance experience: hands-on ownership of ISO 27001, SOC 2, and at least one additional framework (NIST, HIPAA, or equivalent).

Technical credibility across vulnerability management, IAM platforms (Okta, Entra ID), and cloud security (Azure preferred).

Experience leading or contributing to security due diligence in M&A or major customer onboarding contexts.

BLUF communicator: structures every briefing around the bottom line, with supporting context available but not leading.

Preferred Experience

Experience managing a security program under a rapidly changing environment and adoption of new technology.

Experience or a strong perspective on establishing guardrails for AI/LLM adoption, referencing frameworks such as ISO/IEC 42001.

Familiarity with vulnerability management, IAM platforms, and Azure cloud security standards.

Relevant certifications: CISSP, CISM, ISO 27001 Lead Implementer or Lead Auditor, CCSP, or Azure Security Engineer Associate.

Education and Qualifications

Bachelor's degree in MIS, Computer Science or related field is required, or equivalent experience.

Create a job alert for this search

Director, Information Security • Indianapolis, IN, United States

Similar jobs

Director PPG Practices

Parkview HealthIndianapolis, Indiana, United States, 46240
Full-time

Under the direction of the SVP/COO Growth Markets and Provider Network and in collaboration with physician leaders, the Director PPG Practices is responsible for leading and directing the operation... Show more

 • New!

Director of Restaurants

White Lodging Services CorporationIndianapolis, IN, US
Full-time

Location: JW Marriott Indianapolis.White Lodging develops and operates a portfolio of award-winning, premium-brand hotels, rooftop bars, and restaurants in some of the country’s best cities to live... Show more

Executive Director

Hamilton County Kids CoatsCarmel, IN, United States
Part-time

Position Summary The Part-Time Executive Director will provide mission-driven leadership, fundraising direction, and operational coordination during a pivotal period in Kids Coats' history.This rol... Show more

 • Promoted

Senior Security Analyst (Remote in US)

ResultantIndianapolis, IN, United States
Remote
Full-time

Job DescriptionWe are looking for a skilled Senior Security Analyst to join our Managed Security Services Provider (MSSP) team.This role is essential for protecting our clients by detecting, invest... Show more

 • Promoted

Account Risk Analyst III

First Internet BankFishers, IN, United States
Full-time +1

First Internet Bank of Indiana Fishers - Fishers, IN 46038.Position Type Full Time Job Shift Monday to Friday; 8-5.As the Account Risk Analyst III, you will be responsible for reviewing data utiliz... Show more

 • Promoted

INHS Certified Medical Assistant

CenterstoneColumbus, IN, United States
Full-time

Job Opportunity at Centerstone Health Services.Centerstone Health Services is a Federally Qualified Health Center (FQHC) Look-Alike and is rapidly growing to serve people in multiple counties acros... Show more

 • Promoted

Program Analyst

Client Solution ArchitectsEdinburgh, IN, United States
Full-time

Client Solution Architects (CSA) is currently seeking a Program Analyst to support our program at Camp Atterbury, IN.For nearly 50 years, CSA has delivered integrated technology and operational sup... Show more

 • Promoted

Physician (MD/DO) - Cardiology - General/Other in Columbus, IN

LocumJobsOnlineColumbus, IN, US
$80,000.00 yearly
Full-time +1

Doctor of Medicine | Cardiology - General/Other.Competitive weekly pay (inquire for details) .LocumJobsOnline is working with CompHealth to find a qualified Cardiology MD in Columbus, Indiana, 4720... Show more

 • Promoted

Commercial Delivery Portfolio Manager

CentraColumbus, IN, United States
Full-time

Commercial Delivery Portfolio Manager.Job Category: Commercial Delivery Sales Requisition Number: COMME002156.Thank you for your interest in a career with Centra.A career at Centra Credit Union is ... Show more

 • Promoted

Director of Electrical Operations

Goodwin RecruitingIndianapolis, IN, United States
Full-time

Director of Projects (Electrical Operations).An award-winning electrical design-build firm headquartered in Indianapolis, IN is seeking a Director of Projects to join its growing team.Focuses on co... Show more

 • Promoted

Medical Director Physician

Premise HealthColumbus, Indiana, US
Full-time

Medical Director physician employment in Indiana :.Premise's mission is to help people get, stay, and be well.We hope you will join us in our mission and experience why amazing health starts with a... Show more

 • Promoted

Shift Leader

Pizza HutNoblesville, IN, United States
Full-time

As a member of our management team, you will have the opportunity to contribute to the continuing success of a company that has grown from a single restaurant in 1972 to 82 today across Indiana, Il... Show more

 • Promoted

MLOps engineer remote Indianapolis, IN

ESR HealthcareColumbus, IN, United States
Remote
Full-time

OverviewLocation :person works in EST hrs(Preferable in Indianapolis) - RemoteDuration :1yearAbout ESR HealthcareHello Candidates and New Clients :Candidates - want a new job? Are you hiring and ne... Show more

 • Promoted

Non-Invasive Cardiology Position Commutable to Indianapolis, IN

CHG HealthcareColumbus, IN, US
Full-time

Join a cutting-edge cardiology program within a stable, nonprofit hospital.There is an easy commute to Indianapolis and it is accessible to 3 international airports.The community offers great schoo... Show more