Director of Information Security

Position Overview

AmeriVet Veterinary Partners is seeking an experienced Director of Information Security to lead and mature our enterprise cybersecurity program. This role is responsible for developing and implementing security strategies that protect AmeriVet’s systems, data, and veterinary practice operations across our growing network of locations.

The Director of Information Security will oversee security governance, risk management, and compliance (GRC) while ensuring adherence to regulatory requirements including PCI DSS. This leader will work closely with IT leadership and business stakeholders to strengthen AmeriVet’s security posture across identity and access management, endpoint protection, security monitoring, and cloud services.

This position reports directly to the VP of Infrastructure, Operations, and Security, with a dotted-line reporting relationship to the Chief Information Officer (CIO). The Director will also serve as a key cybersecurity liaison to executive leadership, providing visibility into AmeriVet’s cyber risk posture, compliance status, and security initiatives. As part of this governance responsibility, the role will support quarterly cybersecurity reporting and updates to the Executive Leadership Team, ensuring appropriate oversight of the organization’s cybersecurity strategy and risk management efforts.

Key Responsibilities

Security Leadership & Strategy

• Develop and lead AmeriVet’s enterprise information security strategy and roadmap.

• Establish and maintain security policies, standards, and governance frameworks.

• Partner with IT and business leaders to integrate security best practices into operations and technology initiatives.

• Provide regular security risk reporting and recommendations to executive leadership.

Governance, Risk & Compliance (GRC)

• Lead the IT/Info Sec GRC program, including risk assessments and control frameworks.

• Ensure compliance with PCI DSS requirements and other applicable regulatory standards.

• Oversee internal and external security audits, vulnerability assessments, and remediation efforts.

• Manage third-party risk management and vendor security assessments.

Identity & Access Management

• Oversee enterprise Identity and Access Management (IAM) strategies and processes.

• Implement and maintain Single Sign-On (SSO) solutions to improve both security and user experience across veterinary practices and corporate teams.

• Establish access governance, provisioning, and role-based access controls across systems.

Security Operations

• Oversee security monitoring and endpoint protection platforms including CrowdStrike.

• Manage incident response processes, investigations, and remediation.

• Partner with infrastructure and cloud teams to implement secure architecture and endpoint protection standards across all AmeriVet locations.

Risk Management & Incident Response

• Develop and maintain an enterprise cybersecurity risk management program.

• Lead the organization’s security incident response and recovery procedures.

• Identify emerging threats and implement proactive mitigation strategies.

Security Awareness

• Maintain a security awareness program to educate corporate and practice teams on cybersecurity best practices.

• Promote a strong security culture across AmeriVet.

Required Qualifications

• 8+ years of experience in cybersecurity, with 3+ years in a leadership or management role.

• Demonstrated experience with PCI DSS compliance and audit preparation.

• Strong experience with Governance, Risk, and Compliance (GRC) frameworks.

• Hands-on experience with endpoint protection platforms such as CrowdStrike.

• Experience implementing or managing Identity and Access Management (IAM) and SSO solutions.

• Experience with cloud security and SaaS security governance.

• Experience with Microsoft security ecosystem (Azure AD / Entra, Conditional Access, etc.).

• Knowledge of modern security frameworks such as NIST, CIS, or ISO 27001.

• Strong communication skills with the ability to translate security risks for business stakeholders.

Preferred Qualifications

• Certifications such as CISSP, CISM, CRISC, or CISA.

• Experience securing multi-site healthcare or retail environments.

• Experience with cloud security and SaaS security governance.

• Bachelor’s degree in Information Security, Computer Science, Information Systems, or related field.