Vice President, Chief Information Security Officer

Carle Foundation Hospital-posted 3 months ago
Full-time • Executive
Urbana, IL
Religious, Grantmaking, Civic, Professional, and Similar Organizations
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Vice President of Information Security/CISO reports directly to the SVP, Chief Risk Officer and will oversee the enterprise-wide security program. The security program includes Governance, Risk and Compliance ("GRC"), Disaster Recovery Management, Identity and Access Management and Cyber Operations. The CISO must have a strong technical background and fully understand threats, risk mitigation and technical controls. The CISO assumes accountability for the daily security tactical operations and overall strategic execution of corporate security roadmaps that safeguards company data and systems against evolving cybersecurity threats. Other responsibilities include collaborating across the health system to develop an incident command structure and plan, balancing security risk management with cost-effective decision-making to support business and care delivery priorities and fostering a culture of security awareness and continuous improvement throughout the organization. The Vice President of Information Security/CISO must exhibit a blend of leadership qualities. The CISO acts as a thought leader and strategic thinker, capable of anticipating future challenges and developing and executing security roadmaps in collaboration with various teams and peers. Leads and mentors their team, committed to team member accountability, collaboration, growth and development. An effective communicator who disseminates information, builds trust, and supports stakeholders across the organization. Appropriately scales the security program in anticipation of changing risks. A decisive leader capable of making critical decisions and executing under pressure. A continuous learner dedicated to staying updated on the latest security trends, threats, and technologies.

  • Develops, implements and monitors a strategic, comprehensive enterprise information security risk management program using a risk-based approach.
  • Drives the development and execution of a comprehensive information security strategy and incident response roadmap and plan that aligns with business goals and industry best practices.
  • Lead and partners with operations across the system to develop, modify and maintain organizational incident response plans to include a comprehensive ransomware event plan.
  • Provide regular reporting on the current status of the information security program to executive leadership and board members.
  • Collaborates with senior management and key business stakeholders (audit & risk, legal, compliance, operations, IT) to align initiatives and resources to meet overall business objectives.
  • Engages with corporate and external auditors, compliance and legal teams to ensure compliance with internal plans, laws and regulations, including privacy and others, as needed.
  • Establishes and enforces robust information security policies, standards, and procedures, ensuring adherence across the organization.
  • Effectively leads incident response efforts in the event of a cybersecurity breach or incident, including coordinating with internal teams and external stakeholders to mitigate the impact and ensure timely resolution and communication.
  • Oversees a program that evaluates the security posture of third-party vendors and partners and ensuring that appropriate security measures are in place to protect shared data and resources.
  • Defines security requirements and manages security risks associated with third party vendors to ensure compliance with organizational standards.
  • Working knowledge of Health Insurance Portability and Accountability Act (HIPAA), National Institute of Standards and Technology ("NIST") Cybersecurity Framework, Payment Card Industry ("PCI"), Information Technology Infrastructure Library, and Information Security Best Practices.
  • Working knowledge of security technologies such as SIEM, endpoint detection and response, network protection (IPS, NAC, firewalls), vulnerability management, identity management, etc.
  • Strong understanding of cloud security and experience with cloud service providers (AWS, Azure, etc.) and Artificial Intelligence as it relates to healthcare entities.
  • Provides strong leadership to the various team members through mentoring, career development, interpersonal skills, and enabling leadership skills.
  • Exhibits effective team leadership and collaboration skills, with the ability to work effectively with others through conflicting pressures and priorities while resolving complex issues.
  • Establishes a culture of high performance, productivity, creativity, and innovation.
  • Stays informed on the evolving landscape of security and technology to continuously improve security practices, policies, and awareness.
  • Performs other duties assigned.
  • Certified Information Systems Security Professional (CISSP)
  • Bachelor's Degree: Computer Science or related
  • Leadership in Information Cyber Security - 5+ years (healthcare preferred)
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Chief Information Officer Resume Examples
Chief Information Officer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service