Chief Information Security Officer - CISO

Blue Cross and Blue Shield of North Carolina

2d•Hybrid

About The Position

At Blue Cross and Blue Shield of North Carolina—we’re a mission-driven organization committed to improving the health and well-being of our members and communities. Our employees are transforming healthcare through innovation, trust, and resilience. Our Enterprise Information Security team plays a critical role in safeguarding that mission. This is a hybrid role with frequent work from our Durham headquarters required. Position Overview: We are seeking a Chief Security Officer (DCSO) to join our leadership team. This is a rare opportunity to step into a well-established, high-performing security organization and lead it into its next chapter. This position will provide strategic and operational leadership for cybersecurity, ensuring that cyber risks are effectively managed within thresholds defined by the organization’s risk appetite. This includes direct oversight of enterprise-wide cyber defense initiatives, governance frameworks, incident response protocols, and regulatory compliance. The role ensures that cybersecurity operations are tightly aligned with business objectives, and leads cross-functional teams to proactively identify, evaluate, and mitigate cyber threats that could compromise organizational resilience or financial integrity. This role is ideal for a healthcare-savvy executive who understands technology but leads first through relationships, influence, and strategic foresight. What Makes This Team Special: A deeply experienced team of upwards of 50 professionals many with tenure of 10+ years at Blue Cross NC A collaborative, strategy-setting culture with strong metrics and measures of success A shared commitment to continuous improvement, agility, and long-term impact

Requirements

10+ years of progressive leadership experience
Deep understanding of healthcare industry dynamics and regulatory environments
Proven ability to lead through influence, build trust, and drive cross-functional alignment
Comfortable with ambiguity, risk, and being wrong—yet committed to learning and evolving
Looking for a long-term employer where they can make a lasting impact
Bachelor's degree or advanced degree (where required)
10+ years of experience in related field
In lieu of degree, 12+ years of experience in related field.

Nice To Haves

North Carolina residence preferred

Responsibilities

Serve as second-in-command to the CISO, stepping in during absences or crises
Provide strategic counsel and operational continuity across the cybersecurity function
Lead day-to-day cybersecurity operations, including incident response, threat detection, and endpoint protection
Oversee identity and access management, cybersecurity architecture, and engineering
Advance the maturity of the organization’s cybersecurity program by strengthening foundational capabilities, enhancing visibility across the environment, and improving threat detection and response effectiveness.
Monitor audit controls and enterprise risk management practices
Ensure compliance with HIPAA, NIST, HITRUST, and other regulatory frameworks
Execute cybersecurity roadmaps and strategic initiatives
Partner across business units to embed security into enterprise operations
Build and mentor high-performing teams
Foster a culture of openness, agility, and psychological safety
Champion diversity of thought and a willingness to challenge assumptions

Benefits

Competitive compensation and benefits, including generous PTO, 401(k) match, and wellness programs
Hybrid work flexibility and a commitment to work-life balance
A chance to lead one of the most respected security teams in the healthcare industry

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume