Director of Information Security

About Navia Benefit Solutions:
We’re a people first benefit administrator that relies on a fast-growing team of creative thinkers, problem-solvers, and go-getters to bring our participant and client experience to the next level. Our mission? To create better lives and provide a simple and amazing benefits experience. If you love providing excellent service, innovating the way benefits are administered, and being part of an inclusive workplace community, you’ll fit right in. About the Role:
We are seeking a seasoned and strategic Director of Information Security to lead our organization’s security initiatives. This role is responsible for overseeing all aspects of Information Security within the Technology organization, ensuring the confidentiality, integrity, and availability of our systems and data.

The Director of Information Security will manage a small, high-performing team dedicated to protecting the organization from both digital and physical security threats, including fraudulent activities. This individual will collaborate closely with cross-functional teams—including Privacy, Fraud, IT, Engineering, and Risk Management—to proactively assess risks, analyze security data, and implement effective prevention and response strategies. What You’ll Do:
Strategic Leadership

• Provide strategic leadership and oversight of the organization’s Information Security and Cybersecurity programs.

• Lead cross-functional security and fraud prevention initiatives, ensuring alignment with business objectives and regulatory requirements.

• Prepare and present clear, data-driven reports and presentations on security and fraud trends to executive leadership and stakeholders.

• Stay current with emerging security technologies, fraud prevention practices, and industry trends, and make strategic recommendations for adoption.

• Ensure the confidentiality, integrity, and availability of sensitive information in alignment with organizational trust and compliance standards.

Team Management

• Lead and mentor a small, high-performing Information Security team, fostering professional growth and accountability.

• Direct and oversee security awareness and training programs to promote a culture of security across the organization.

• Ensure effective auditing processes are in place for system logs and user access privileges to identify and mitigate potential risks.

Incident Response

• Lead the organization’s response to cybersecurity incidents, coordinating cross-functional efforts and ensuring timely resolution.

• Lead threat modeling and security design reviews for new systems and infrastructure changes.

• Own the security response process for Sales RFPs, ensuring timely and accurate completion of security-related questionnaires.

Fraud Prevention

• Serve as the primary liaison between Technology and business units, ensuring fraud prevention and InfoSec initiatives are effectively integrated across the organization.

• Oversee ITEL (Information Technology and Enterprise Logging) functions, ensuring systems are optimized for fraud detection and security monitoring.

• Monitor and investigate transactions, accounts, and affiliate networks using internal and external tools to detect and document fraudulent activity and trends.

• Conduct enterprise-level risk assessments and develop fraud prevention strategies tailored to evolving threats and business needs.

• Maintain and enhance fraud analysis models to improve detection efficiency and system effectiveness.

• Collaborate with Operations and other departments to develop strategies for identifying anomalies and integrating fraud prevention into business processes.

Security Architecture

• Design and implement secure architecture for networks, systems, and applications to prevent vulnerabilities and ensure scalability.

• Collaborate with IT and DevOps to embed security into CI/CD pipelines and cloud infrastructure.

• Evaluate and recommend security technologies (e.g., zero trust, micro segmentation, identity federation) to strengthen enterprise posture.

Compliance

• Develop and maintain security policies, standards, and procedures aligned with regulatory requirements and industry best practices.

• Own and manage the execution of annual security assessments, including SOC audits, penetration testing, and vendor security reviews.

• Ensure compliance with HIPAA, HITECH, and other privacy regulations, including breach notification protocols and data handling standards.

• Oversee privacy impact assessments (PIAs) and data protection strategies for systems processing PII.

• Serve as a security lead for audits and regulatory inquiries related to protected health information (PHI) and sensitive personal data.

• Implement and monitor safeguards for electronic PHI (ePHI), including encryption, access controls, and secure transmission protocols.

• of sensitive information in alignment with organizational trust and compliance standards.

What We’re Looking For:
Education & Certifications 

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field; advanced degree (e.g., MBA, MS in Cybersecurity) preferred.

• Formal training or certification in Data Forensics, Information Security, or Ethical Hacking.

• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Fraud Examiner (CFE), Certified Information Security Manager (CISM), or Certified Cloud Security Professional (CCSP).

Professional Experience 

• 10+ years of progressive experience in Information Security, Risk Management, or Fraud Detection, with at least 3–5 years in a leadership or strategic role.

• Proven ability to develop and implement enterprise-wide security strategies, policies, and governance frameworks.

• Experience leading incident response, threat intelligence, and vulnerability management programs.

• Strong background in security architecture, network security, and application security across hybrid environments (on-prem, cloud, SaaS).

Leadership & Strategic Skills 

• Demonstrated success in building and mentoring high-performing security teams.

• Ability to communicate complex security concepts to executive leadership and non-technical stakeholders.

• Experience managing cross-functional collaboration with IT, legal, compliance, and business units.

• Skilled in budget planning, vendor management, and contract negotiation for security technologies and services.

Technical & Regulatory Expertise 

• Deep understanding of fraud detection methodologies, data analytics, and pattern recognition in large datasets.

• Familiarity with security technologies including SIEM, firewalls, IDS/IPS, endpoint protection, and access control systems.

• Knowledge of regulatory frameworks such as ISO/SAE, HIPAA, SOX, GDPR, PCI-DSS, and NIST.

• Experience conducting risk assessments, audits, and compliance reviews in financial services, healthcare, or e-commerce environments.

Work Environment:
Candidates within 30 miles of one of our four office locations may be asked to come into the office for a hybrid schedule depending on the role.
Eligible candidates will reside in one of the following states: AZ, CA, CO, FL, GA, IA, IL, IN, KS, MA, ME, MI, MN, MO, MT, NC, ND, NE, NJ, NV, NY, OH, OR, PA, SD, TN, TX, UT, AND WA Why Join Navia?

• Impact: Play a pivotal role in supporting employers and employees nationwide.
• Growth: Advance your skills with a team committed to excellence and innovation.
• Culture: Join a company that values collaboration, innovation, and customer-first solutions.

Perks and Benefits:

• Competitive Salary Range: $120,000.00 - $160,000.00 Annually
• Generous health benefits
• Company sponsored wellness benefits
• Complimentary Life Insurance and Long-Term Disability Insurance
• Paid time off
• 6 Paid Holidays & 2 Paid Floating Holidays
• Work from home and hybrid schedules available!

Ready to Join Us?
Take the first step toward your new career in creating better lives —apply now!
For any questions or to check on your application, reach out to [email protected].

Please visit our career page and apply directly:

Not all positions allow for remote work, but those that do will only be available in the following states: AZ, CO, FL, GA, IL, IN, KS, MI, MN, MO, MT, NC, ND, NE, NJ, NV, NY, OH, PA, SD, TN, TX, UT.