Director of Cybersecurity

Ivyrehab•La Crosse, WI

About The Position

At Ivy Rehab, we're "All About the People"! As the Director of Cybersecurity, you are the primary architect and lead of our digital defenses. This is a high-impact, hands-on leadership role for a technical expert who thrives on getting into the security architecture while simultaneously partnering across IT and non-IT functions. This leadership position is responsible for the overall security posture of Ivy Rehab, overseeing the protection of our technical ecosystem across 700+ outpatient clinics and supporting 7,500+ employees in 18 states and growing. You will ensure that as we scale, our security governance, threat management, and compliance frameworks evolve to meet the needs of a multi-site healthcare environment. Join Ivy Rehab ’s dedicated team where you’re not just an employee, but a valued teammate! Together, we provide world-class care in physical therapy, occupational therapy, speech therapy, and applied behavior analysis (ABA) services. Our culture promotes authenticity, inclusion, growth, community, and a passion for exceptional care for every patient.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or equivalent work experience.
Minimum 10+ years of experience in IT/Security, with at least 5 years in a technical leadership role.
Proven track record of doing the work —not just managing it
Direct experience leading technical due diligence and integration projects.
Proficient in security and project management tools like MS Project, Jira, or Smartsheet
Deep understanding of security protocols, server environments, and healthcare-specific software (EMR).
Ability to work independently and as an active part of the team.

Nice To Haves

Experience working for a healthcare provider is highly desired.

Responsibilities

Active Security Architecture & Implementation: Directly design and work with the team to deploy security tools across our network, including IAM, endpoint protection, and encryption protocols.
Incident Response & Threat Management: Act and execute during security events. Oversee the end-to-end security operations, including threat detection, vulnerability management, and leading the response to any potential security breaches.
M&A Due Diligence: Lead technical due diligence for all acquired clinics, identifying security risks and standardizing their systems to meet the Ivy Rehab security ecosystem.
Cross-Functional Partnership: Partner directly with teams to integrate security into their workflows without creating bottlenecks. You will work side-by-side with Legal, Compliance and Procurement on due diligence and contract reviews.
Project Governance: Manage a portfolio of security initiatives (e.g., IAM rollouts, EMR security hardening, network encryption), ensuring they are delivered on time and within budget.
Vendor & Partner Management: Manage relationships with strategic security vendors (SOC, MSSP, Cyber Insurance) to ensure all infrastructure and tools are delivering maximum protection.
Leadership through Action: Lead and mentor a small, agile team of IT professionals by example. You will "pair-program" or "pair-configure" to foster a culture of high performance and technical excellence.