Director, Information Security

Comagine Health is a national, mission-driven, nonprofit organization that has engaged in health care quality consulting and quality improvement services for more than 50 years.

We are leaders in assisting front-line providers and engaging health care partners to improve care delivery and patient outcomes.

Our talented remote workforce spans the country and plays a vital role in our success. We go beyond merely providing a remote work option; we support and embrace it. We offer opportunities to make a difference from anywhere in the U.S. and enjoy better work-life balance. An annual stipend gives you the freedom to enhance your workspace with options that suit your needs.

We believe in an environment that allows you to thrive both personally and professionally. That's why we offer benefits that include:

• Medical, dental and vision insurance
• Paid time off for vacation, illness and volunteering
• Retirement savings plan with employer contribution
• Adoption financial assistance
• Paid parental leave
• And much more!

Comagine Health | Product & Technology
Full-Time | Exempt
Remote (Central, Mountain, & Pacific Time Zones)
Travel: Occasional (up to 10%)

Comagine Health is seeking a Director of Information Security to lead and operate a comprehensive information security program that protects organizational systems, data, and customers while enabling business objectives. This role provides strategic and operational leadership across cybersecurity operations, governance, risk management, and compliance.

Reporting to the VP, Product & Technology, this people leader partners closely with IT, Engineering, Compliance, and business stakeholders to strengthen security posture, ensure regulatory compliance, and embed security best practices across the organization.

Key Responsibilities

• Lead enterprise information security strategy, policies, and standards

• Own governance and compliance programs (SOC 2, HIPAA, HITRUST, NIST)

• Oversee cybersecurity operations, incident response, and vulnerability management

• Lead, mentor, and develop the information security team

• Conduct risk assessments and manage risk treatment plans

• Oversee security tools, vendors, and cost-effective controls

• Report security posture, risk, and compliance metrics to leadership

• Support regulatory, customer, and third-party security assessments

Qualifications

• Bachelor's degree or equivalent experience

• 8+ years in information security, cybersecurity, or IT risk management

• 5+ years leading enterprise security programs

• Experience with SOC 2, HIPAA, HITRUST, or NIST frameworks

• Strong leadership, communication, and stakeholder engagement skills

Preferred Certifications
CISSP, CISM, CISA, and/or cloud security certification (e.g., CCSP)

Compensation (Location-Based):
Compensation is based in part on candidate location, experience, and internal equity.
Examples:
* Kansas City: $145,000-$155,000
* Portland: $155,000-$165,000
* Seattle: $165,000-$180,000

This role is eligible for Comagine Health's full benefits package, including medical, dental, vision, retirement, paid time off, and paid holidays.

Equal Opportunity Employer
Comagine Health is an equal opportunity employer and is committed to creating a diverse, equitable, and inclusive workplace.