Dir Cybersecurity

About The Position

Requirements

• None specified; will accept any combination of formal education and/or prior work experience sufficient to demonstrate possession of the knowledge, skill and ability needed to perform the essential tasks of the job, typically such as would be equivalent to a Bachelor’s degree.
• Minimum of Ten (10) years of leadership experience in technology/IT with Seven (7) years leading cybersecurity within an enterprise-sized organization, is required.
• Employee must have a valid Tennessee driver’s license and state mandated minimum insurance coverage.
• Driving record must meet Covenant Health minimum standards at the date of hire and throughout employment tenure.

Nice To Haves

• Preference may be given to individuals possessing a Bachelor’s degree in Cybersecurity, Information Technology or a directly-related field from an accredited college or university.

Responsibilities

• Direct and provide leadership to all cybersecurity staff, including Security Analysts, Incident Responders, and Compliance Specialists
• Support and lead the efforts to change team cultures, dynamics, processes, and technologies that provide modern solutions to the organization
• Lead cybersecurity management team to ensure performance management and career development.
• Provide technical leadership and direction, delegate responsibilities appropriately, and identify management development opportunities
• Provide leadership, development, coaching, and guidance to ensure the appropriate departmental developmental goals are set and achieved
• Champion innovative efforts and stay abreast of leading-edge solutions for recruitment, development, and retention of the cybersecurity workforce
• Oversee the day-to-day operations of cybersecurity measures, including monitoring, detection, and response to security incidents
• Lead the incident response team in managing and resolving security breaches and incidents
• Ensure compliance with HIPAA and other relevant regulations and standards
• Lead technical implementation projects related to cybersecurity, creating plans and strategies to meet the needs of the organization
• Stay informed about emerging technologies and industry trends, making recommendations for improvement
• Develop and maintain strategic cybersecurity roadmaps, provide tactical action plans, and ensure optimum planning of cybersecurity projects and resources
• Conduct proactive resource planning based on anticipated demand
• Establish deliverables and projected milestones for solution delivery in partnership with business leaders and Senior Executives
• Lead the development of cybersecurity strategies and technical roadmap, ensuring integration with overall IT and organizational strategies
• Manage relationships with cybersecurity vendors, ensuring that contracts and agreements are in place and that vendor performance meets organizational standards
• Develop annual operating budgets and long-term capital budgets for cybersecurity projects
• Monitor network and systems performance, ensuring availability and reliability.
• Perform capacity planning
• Oversee operational and service management processes to ensure performance of all technology subcontractors
• Collaborate with other IT teams and clinical IT teams to ensure alignment and integration of cybersecurity services within the health system
• Develop relationships with key business leaders to identify service gaps and propose solutions.
• Maintain credibility with key individuals at hospitals and corporate offices, along with Legal, HR, and Privacy/Compliance.
• Develop and implement security awareness and training programs for employees to ensure they understand and adhere to cybersecurity policies and procedures.
• Oversee the assessment and management of cybersecurity risks associated with third-party vendors, partners, and bio-medical devices.
• Develop, implement, and enforce cybersecurity policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
• Lead the design and implementation of secure network architectures and systems to protect sensitive data and ensure the integrity of IT infrastructure.
• Oversee incident management and forensic investigations to identify root causes, mitigate risks, and prevent future incidents.
• Ensure compliance with relevant regulations such as HIPAA, HITECH, and other healthcare-specific cybersecurity requirements.
• Develop and maintain business continuity and disaster recovery plans to ensure the organization can quickly recover from cybersecurity incidents.
• Perform other related duties as assigned