Point32Health · 3 months ago
Director, Cyber and Information Security - Operational Resiliency & Crisis Management
Point32Health is a leading not-for-profit health and well-being organization dedicated to delivering high-quality, affordable healthcare. The Director of Cyber and Information Security will lead the organization’s efforts in business continuity, disaster recovery, and incident management, ensuring preparedness for technology interruptions and enhancing the Cyber & Information Security program.
Health Care, Insurance
Responsibilities
Developing and implementing a strategy and practices that will ensure that the organization is prepared for events that may result in extended interruption of technology systems, applications, or business operations
Setting requirements and providing education to business and technology stakeholders about their roles in supporting the organization's business continuity, disaster recovery, and incident/crisis management disciplines
Development, maintenance, and adoption of a single incident/crisis management framework across the organization - all hazard/threat types
Ensuring that the organization's business continuity and disaster recovery procedures/playbooks remain up-to-date
Leading tabletop and simulation exercises to help ensure preparedness and to proactively identify and address opportunities for improvement
Anticipate the impact of core systems, applications, facilities, and vendor relationships being unavailable and implement plans that will reduce the impact of those events
Manage a team of managers/senior leaders responsible for overseeing the core pillars of Cyber & Information Security
Develop and implement policies, standards, and guidelines that continuously increase the organization’s Cyber & Information Security program maturity
Communicate potential security concerns/exposures with recommended improvements
Lead communication and collaboration efforts with the business and IT to ensure quality solutions are delivered
Evangelize the objective to embed security behaviors and principles into the Point32Health culture through active engagement, education, awareness, and partnership
Develop operational excellence in anticipation and response to evolving threats and opportunities to improve cyber and information security
Identify business risk and communicate risk to appropriate leadership
Collaborate with stakeholders to define and implement technical and non-technical controls designed to meet cyber risk objectives and legal/regulatory obligations
Maintain the risk repository to continually identify, prioritize, and mitigate cyber and information security related risk issues
Participate in various forums and groups across Point32Health to understand the risk environment and to provide recommendations that effectively incorporate security objectives while balancing the business impact of recommendations provided
Facilitate adoption of leading security practices to remain in compliance with regulations and to support our continuous monitoring and improvement goals
Maintain up-to-date knowledge of the cyber and information security industry, including awareness of new or revised security capabilities, improved security processes, threat scenarios, trends, etc.
Identify/recommend tools, processes, software, and protocols to advance or replace current security practices, services, or technologies to meet strategic objectives
Other duties and projects as assigned
Qualification
Required
Experience in leading a team responsible for Cyber & Information Security
Proven ability to develop and implement policies, standards, and guidelines for Cyber & Information Security
Strong communication skills to convey potential security concerns and recommended improvements
Experience in collaborating with business and IT to deliver quality solutions
Ability to embed security behaviors and principles into organizational culture
Experience in developing operational excellence in response to evolving threats
Ability to identify and communicate business risks to leadership
Experience in defining and implementing technical and non-technical controls for cyber risk objectives
Ability to maintain a risk repository to identify, prioritize, and mitigate cyber and information security risks
Experience in participating in forums to understand the risk environment and provide recommendations
Ability to facilitate the adoption of leading security practices to ensure compliance with regulations
Up-to-date knowledge of the cyber and information security industry, including new security capabilities and trends
Experience in identifying and recommending tools, processes, software, and protocols to improve security practices
Benefits
Medical, dental and vision coverage
Retirement plans
Paid time off
Employer-paid life and disability insurance with additional buy-up coverage options
Tuition program
Well-being benefits
Full suite of benefits to support career development, individual & family health, and financial health
Company
Point32Health
Point32Health is a leading health & wellbeing organization, delivering an ever-better health care experience to everyone.
Funding
Current Stage: Late Stage
Total Funding: unknown
Key Investors: SMILE Health
2023-08-08: Non Equity Assistance
Company data provided by crunchbase