
Director Information Security

Date:  Jun 3, 2021
Brand:  Luxottica (LoA Corporate)

Mason, OH, US, 45040

Requisition ID: 367808 
Total Rewards: Benefits/Incentive Information


There’s more to EyeMed than meets the eye. EyeMed is the fastest growing managed vision benefits company in the country with consistent double-digit membership growth! Through our commitment to innovation, we’re reimagining the way employers and their employees think about vision care. We want them to see life to the fullest and experience more of what’s best, not more of the same. And if what’s best hasn’t been done yet, it’s our exceptional and passionate employees driving this change. But our passion for vision isn’t just about vision insurance benefits. Our employees are proud to support and participate in life-altering global and local missions through our partnership with OneSight, a leading not-for-profit organization with a 100% focus on eradicating the world’s vision crisis.


Your family says a lot about who you are. EyeMed is a key member of the Luxottica family of companies, global leaders in the design, manufacture and distribution of fashion, luxury and sports eyewear.  In North America, Luxottica is the home to global brands Ray-Ban, Oakley and many top fashion house brands.  Our leading retail brands include LensCrafters, Sunglass Hut, Pearle Vision, Target Optical and Sears Optical.


If you’re passionate about driving innovation and change and interested in a career in the optical and insurance industry, EyeMed wants to start the conversation and help provide you a growth-focused opportunity with America’s fastest growing vision benefits company.


The Director of Information Security (IS) is responsible for the governance, policy management, threat detection and prevention strategy and initiatives, and risk management programs for EyeMed. The Director will lead the Information Security compliance and risk team and ensure required Regulatory, Federal (e.g. HIPAA), State and Client contractual obligations are met. The Director will also be responsible for education and awareness training, investigations, and the execution of strategic projects.



  • Responsible for aligning Information Security (IS) programs with corporate initiatives to ensure information assets and business processes are adequately protected and managed
  • Responsible for strategic competence in the areas of security, availability, confidentiality, processing integrity, and privacy
  • Develop IS policies and standards
  • Manage coordination of IS initiatives with stakeholders
  • Manage audit / risk management
  • Maintain metrics and reports utilized for compliance
  • Partner with finance to establish budgets and forecasting
  • Manage the IS team; perform on-site audits
  • Collaborate with experts to build compliance framework and IT prioritization
  • Collaborate with IT counterparts to develop security solutions to meet needs of internal and external stakeholders
  • Review vendor contracts for security standards; evaluate IS topics in contract negotiations
  • Establish standards, processes and training for development teams on security and reliability standards (e.g. OWASP or similar)
  • Evaluate security controls, provide leadership updates
  • Work with experts to prepare for audits, manage audit response process and remediation
  • Ensure development, testing and implementation of security plans, products and control techniques. Identify protection goals, objectives and metrics
  • Manage operational components of security incident management including monitoring, detection, response, forensic investigation, preservation of evidence, and reporting
  • Collaborate internally to develop business continuity and disaster recovery plans



  • Bachelor’s degree in computer science, IT or equivalent work experience
  • 10+ years of experience in IT or IS
  • Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
  • Strong project management skills
  • Excellent presentation, verbal communication, and written skills
  • Excellent analytical and problem-solving skills
  • Experience managing typical enterprise security and intrusion detection systems
  • Ability to work in a collaborative environment across business and technology teams



  • 5 years of management/director/executive experience preferred
  • Certified Information Systems Security Professional (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), or related.
  • Experience with or knowledge of healthcare or health insurance
  • Knowledge of CMS and HIPAA related vendor requirements

Upon request and consistent with applicable laws, Luxottica will provide reasonable accommodations to individuals with disabilities who need assistance in the application and hiring process.  To request a reasonable accommodation, please call the Luxottica Ethics Compliance Hotline at 1-888-887-3348 or e-mail (be sure to provide your name and contact information for either option so that we may follow up in a timely manner). 

We are an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, gender, national origin, social origin, social condition, being perceived as a victim of domestic violence, sexual aggression or stalking, religion, age, disability, sexual orientation, gender identity or expression, citizenship, ancestry, veteran or military status, marital status, pregnancy (including unlawful discrimination on the basis of a legally protected pregnancy or maternity leave), genetic information or any other characteristics protected by law.  Native Americans receive preference in accordance with Tribal Law.

Nearest Major Market: Cincinnati

Job Segment: Manager, Management
