ISACA
VP Chief Information Security Officer
ISACA, Jacksonville, Texas, United States, 75766
JOB SUMMARY:
This position reports directly to the Chief Information Officer. In addition, this position has a dotted-line reporting relationship to the Executive Vice President, Chief Compliance and Risk Officer (CCRO) for the purpose of ensuring that conflicts that may arise between the interests of the CCISO and CIO can be appropriately managed. This position reports on a regular and as-needed basis to Harris Health's Chief Executive Officer and Board of Trustees regarding relevant Information Security matters to include Information security training and breaches for the organization. This executive-level position encompasses the development and enforcement of policies and strategies to protect against ever-evolving cyber threats, ensuring compliance with strict healthcare regulations such as HIPAA/HITECH. The CISO directs the overall planning and execution of enterprise security systems, using operational and tactical expertise to direct security management reports, who oversee analysts, engineers and architects. As a business enabler, the CISO ensures business decisions are not hampered by security but adhere to corporate security policies and are implemented with security in mind. The CISO champions a flexible, highly adaptable and secure operating business environment. The CISO must have a strong technical background and fully understand threats, risk mitigation and technical controls to lead a team of security professionals through corporate obligations and defenses. The CISO assumes accountability for the daily tactical operations and overall strategic execution of the team under his or her leadership. The CISO reports to the chief information officer (CIO) or chief executive officer (CEO)/chief operating officer (COO), depending on the business. MINIMUM QUALIFICATIONS:
Degree:
Bachelor's Degree in Computer Science, Information Security, or related field Master's Degree in Computer Science, Information Security, or related field License & Certifications:
Certified Information Systems Security Professional (CISSP) highly preferred AND Certified Information Security Manager (CISM) OR Certified Chief Information Security Officer (CCISO) Work Experience: Fifteen (15) years professional experience in areas of expertise: Cyber/Information Security, designing and implementing enterprise Cyber/Information Security solutions. Management Experience: Ten (10) years progressive management experience in areas of expertise: HIPAA Security Regulation; and practical experience working with Cyber/Information Privacy and Security laws (such as FISMA, PCI-DSS, GLBA, FIPS, NIST-CSF and data breach reporting laws), generally accepted Cyber/Information Security principles, and accepted industry practice. Healthcare and/or Federal government experience cybersecurity experience is a plus progressive management experience. SPECIAL REQUIREMENTS:
Communication Skills:
Above Average Verbal (Heavy Public Contact), Writing/ Correspondence, Writing/Reports Knowledge/ Skills/ Abilities:
Executive Presence Disaster Recovery Planning Backup Strategy Understanding Cybersecurity Ownership & Accountability Planning & Organization Critical Thinking Work Schedule:
Eligible for Telecommute Other Requirements: - Expert technical knowledge of Cyber/Information Security, infrastructure, network, server, workstation, and security related technologies both software and hardware. - Expert working knowledge of best practice security design associated with the above technology. Strong demonstrated knowledge of technologies including network, server, desktop, storage, medical security and how Cyber/Information Security relates to the overall business of the organization.
#J-18808-Ljbffr
This position reports directly to the Chief Information Officer. In addition, this position has a dotted-line reporting relationship to the Executive Vice President, Chief Compliance and Risk Officer (CCRO) for the purpose of ensuring that conflicts that may arise between the interests of the CCISO and CIO can be appropriately managed. This position reports on a regular and as-needed basis to Harris Health's Chief Executive Officer and Board of Trustees regarding relevant Information Security matters to include Information security training and breaches for the organization. This executive-level position encompasses the development and enforcement of policies and strategies to protect against ever-evolving cyber threats, ensuring compliance with strict healthcare regulations such as HIPAA/HITECH. The CISO directs the overall planning and execution of enterprise security systems, using operational and tactical expertise to direct security management reports, who oversee analysts, engineers and architects. As a business enabler, the CISO ensures business decisions are not hampered by security but adhere to corporate security policies and are implemented with security in mind. The CISO champions a flexible, highly adaptable and secure operating business environment. The CISO must have a strong technical background and fully understand threats, risk mitigation and technical controls to lead a team of security professionals through corporate obligations and defenses. The CISO assumes accountability for the daily tactical operations and overall strategic execution of the team under his or her leadership. The CISO reports to the chief information officer (CIO) or chief executive officer (CEO)/chief operating officer (COO), depending on the business. MINIMUM QUALIFICATIONS:
Degree:
Bachelor's Degree in Computer Science, Information Security, or related field Master's Degree in Computer Science, Information Security, or related field License & Certifications:
Certified Information Systems Security Professional (CISSP) highly preferred AND Certified Information Security Manager (CISM) OR Certified Chief Information Security Officer (CCISO) Work Experience: Fifteen (15) years professional experience in areas of expertise: Cyber/Information Security, designing and implementing enterprise Cyber/Information Security solutions. Management Experience: Ten (10) years progressive management experience in areas of expertise: HIPAA Security Regulation; and practical experience working with Cyber/Information Privacy and Security laws (such as FISMA, PCI-DSS, GLBA, FIPS, NIST-CSF and data breach reporting laws), generally accepted Cyber/Information Security principles, and accepted industry practice. Healthcare and/or Federal government experience cybersecurity experience is a plus progressive management experience. SPECIAL REQUIREMENTS:
Communication Skills:
Above Average Verbal (Heavy Public Contact), Writing/ Correspondence, Writing/Reports Knowledge/ Skills/ Abilities:
Executive Presence Disaster Recovery Planning Backup Strategy Understanding Cybersecurity Ownership & Accountability Planning & Organization Critical Thinking Work Schedule:
Eligible for Telecommute Other Requirements: - Expert technical knowledge of Cyber/Information Security, infrastructure, network, server, workstation, and security related technologies both software and hardware. - Expert working knowledge of best practice security design associated with the above technology. Strong demonstrated knowledge of technologies including network, server, desktop, storage, medical security and how Cyber/Information Security relates to the overall business of the organization.
#J-18808-Ljbffr