CTO/CISO

About The Position

Requirements

• Bachelor’s Degree in Information Technology, Computer Science, Healthcare Administration, Business Administration, or related field (Required)
• 10+ years progressive leadership experience in Information Technology, Cybersecurity, or related technical functions, including senior-level responsibility within a large, complex, multi-site organization (Required)
• Prior Experience leading enterprise cybersecurity programs, infrastructure operations, technology architecture, or major technical transformation initiatives (Required)
• Prior Experience with information security governance, incident response, business continuity, disaster recovery, and regulatory compliance (Required)
• Strong understanding of enterprise infrastructure, cybersecurity frameworks, information security controls, and modern technology architecture.
• Demonstrated ability to align technology and security strategy with business and clinical objectives.
• Strong knowledge of healthcare information systems, privacy requirements, and regulatory expectations.
• Executive-level communication, influence, and stakeholder management skills.
• Ability to assess and communicate complex technical and cyber risks in business terms.
• Financial acumen with experience managing large operating and capital budgets.
• Proven change-management and organizational leadership capabilities.
• Ability to balance strategic vision with hands-on operational oversight.

Nice To Haves

• Master’s Degree in related field (Preferred)
• CISSP, CISM, CISA, CRISC, CCSP, or other relevant industry certification (Preferred)
• Prior Experience in the healthcare industry (Preferred)

Responsibilities

• Develops and executes enterprise technology and information security strategies aligned with organizational priorities, regulatory requirements, and risk tolerance.
• Leads enterprise cybersecurity and information security programs, including governance, policies, standards, controls, and ongoing maturity improvement.
• Provides executive oversight for enterprise infrastructure, cloud technologies, network services, platform engineering, endpoint strategy, identity and access management, and core technical operations.
• Establishes and maintains enterprise security architecture and technical standards to support scalability, resilience, interoperability, and protection of organizational assets.
• Directs cyber risk assessment processes and partners with executive leadership to prioritize remediation activities and security investments.
• Oversees security operations, threat monitoring, vulnerability management, penetration testing, incident response, and recovery planning.
• Leads the organization’s business continuity and disaster recovery strategies for enterprise systems and critical technology services.
• Partners with compliance, legal, privacy, and internal audit leaders to support compliance with HIPAA, HITECH, and other applicable regulatory, privacy, and security requirements.
• Ensures security and technical controls are incorporated into enterprise systems, third-party technologies, and new digital initiatives from design through implementation.
• Provides executive oversight for technology-related risk management, including third-party security assessments and ongoing vendor risk monitoring.
• Advises the CIO and senior leadership on emerging technology risks, threat landscape trends, infrastructure investments, and opportunities to strengthen enterprise capabilities.
• Establishes and monitors KPIs, KRIs, SLAs, and performance measures related to infrastructure reliability, cybersecurity effectiveness, service resilience, and operational efficiency.
• Supports enterprise governance processes related to technology architecture, cybersecurity, technical standards, investment prioritization, and vendor management.
• Ensures compliance with healthcare regulations, privacy standards, security requirements, and internal policies.
• Assists in development and management of enterprise IT budgets, capital planning, and cost-optimization initiatives for assigned functions.
• Evaluates vendor performance and supports contract negotiations and strategic sourcing decisions related to technology and security services.
• Leads, mentors, and develops senior technical and security leaders and high-potential talent across assigned functions.
• Promotes a culture of accountability, collaboration, innovation, service excellence, and continuous improvement.
• Drives enterprise awareness, change management, and communication strategies related to technology modernization and information security practices.