We’re unique. You should be, too.
We’re changing lives every day. For both our patients and our team members. Are you innovative and entrepreneurial minded? Is your work ethic and ambition off the charts? Do you inspire others with your kindness and joy?
We’re different than most primary care providers. We’re rapidly expanding and we need great people to join our team.
The Chief Information Security Officer (CISO) is responsible for establishing and maintaining ChenMed’s comprehensive information security strategy and program to ensure information assets and technologies are adequately protected. The incumbent in this role is accountable for setting the vision for the security and IT risk management programs and overseeing program execution. He/She works closely with executive management to determine acceptable levels of risk for the organization.
ESSENTIAL JOB DUTIES/RESPONSIBILITIES:
- Manages company-wide information security governance processes by directing information security staff and partnering with IT and business leaders to build an information security program and associated priorities.
- Directs and oversees the strategic plan of ChenMed's information security program.
- Establishes long-range security and compliance goals, defines security strategies, metrics, reporting mechanisms and program services; creates maturity models and a roadmap for continual program improvements.
- Leads efforts to continually assess, evaluate and make recommendations to management regarding the adequacy of the security controls for ChenMed and technology systems; requires proactive hands on approach.
- Provides strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
- Educates IT and Business leaders on appropriate security risk and mitigation strategies and approaches.
- Develops, implements and administers technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
- Creates education and awareness programs and advises on security issues, best practices, and vulnerabilities.
- Leads the development and implementation of effective policies, processes, and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation. Oversees training and dissemination of security policies and practices.
- Partners with business units to facilitate IT risk assessment and risk management processes and works with stakeholders through the company on identifying acceptable levels of residual risk.
- Collaborates with Corporate Compliance and Legal Departments as needed and coordinates the IT component of both internal and external audits, federal and state examinations to ensure security programs are compliant with HIPAA security rules, other relevant laws, regulations and policies.
- Manages security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
- Develops and oversees effective disaster recovery policies and standards to align with company business continuity management program goals.
- Coordinates development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents, and provides direction, support and in-house consulting in these areas.
- Evaluates new security threats and healthcare IT trends and develops effective security controls.
- Performs other duties as assigned and modified at manager’s discretion.
KNOWLEDGE, SKILLS AND AND ABILITIES:
- Highly-developed business acumen and acuity
- Expert knowledge and understanding of standard Information Security methodologies, functions, practices, procedures and techniques
- Excellent knowledge of technology environments, including information security, cyber security, and defense in-depth solutions
- Current knowledge of federal and state privacy and security laws and regulations, as well as industry best practices.
- Superior people management skills: Ability to bring groups together on a common goal
- Excellent project management skills; experience in organizing, planning and executing projects from vision through implementation, involving internal personnel, contractors and vendors; ability to analyze project needs and determine resources needed to meet objectives
- Excellent written and communication skills, including engagement and communication with C-suite executives
- Ability to explain information security, cyber security and data privacy issues and programs to non-technical and non-expert audiences
- Ability to think strategically and understand trends in technology, along with being able to translate those trends into opportunities for ongoing improvement
- Strong communicator with ability to maintain open communication with internal employees, managers and external resources
- Able to prioritize and drive to results with a high emphasis on quality
- Advanced skill in Microsoft Office Suite products including Word, Excel, PowerPoint and Outlook, plus a variety of other word-processing, spreadsheet, database, e-mail and presentation software
- Ability and willingness to travel locally, regionally and nationwide up to 20% of the time
- Spoken and written fluency in English
- This job requires use and exercise of independent judgment
We’re ChenMed and we’re transforming healthcare for seniors and changing America’s healthcare for the better. Family-owned and physician-led, our unique approach allows us to improve the health and well-being of the populations we serve. We’re growing rapidly as we seek to rescue more and more seniors from inadequate health care.
ChenMed is changing lives for the people we serve and the people we hire. With great compensation, comprehensive benefits, career development and advancement opportunities and so much more, our employees enjoy great work-life balance and opportunities to grow. Join our team who make a difference in people’s lives every single day.
EDUCATION AND EXPERIENCE CRITERIA:
- BA/BS degree in Computer Science, Information Systems, Information Technology or a closely related field required OR additional experience above the minimum may be considered in lieu of the required education on a year-for-year basis
- Master’s degree in a related IT discipline preferred
- A minimum of 15 years’ work experience in Information Security and/or IT position with increasing management responsibilities required; preferably including experience in a hyper-growth company with a demonstrated track record of IT accomplishments
- Healthcare management experience is preferred
- Certified Information System Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Healthcare Privacy & Security (CHPS) desired
To apply for this job please visit itjobpro.com.