Vice President, Chief Information Security Officer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Carle Health · 3 months ago

Vice President, Chief Information Security Officer

positionUnited States
timeFull-time
remoteRemote
seniorityMid, Senior Level
date5+ years exp

Carle Health is a healthcare system based in Urbana, IL, seeking a Vice President, Chief Information Security Officer (CISO) to oversee the enterprise-wide security program. The CISO will be responsible for developing and implementing a comprehensive information security risk management program, leading incident response efforts, and collaborating with various stakeholders to ensure compliance and security across the organization.

Hospital & Health Care

Responsibilities

Develops, implements and monitors a strategic, comprehensive enterprise information security risk management program using a risk-based approach
Drives the development and execution of a comprehensive information security strategy and incident response roadmap and plan that aligns with business goals and industry best practices
Lead and partners with operations across the system to develop, modify and maintain organizational incident response plans to include a comprehensive ransomware event plan
Provide regular reporting on the current status of the information security program to executive leadership and board members
Collaborates with senior management and key business stakeholders (audit & risk, legal, compliance, operations, IT) to align initiatives and resources to meet overall business objectives
Engages with corporate and external auditors, compliance and legal teams to ensure compliance with internal plans, laws and regulations, including privacy and others, as needed
Establishes and enforces robust information security policies, standards, and procedures, ensuring adherence across the organization
Effectively leads incident response efforts in the event of a cybersecurity breach or incident, including coordinating with internal teams and external stakeholders to mitigate the impact and ensure timely resolution and communication
Oversees a program that evaluates the security posture of third-party vendors and partners and ensuring that appropriate security measures are in place to protect shared data and resources
Defines security requirements and manages security risks associated with third party vendors to ensure compliance with organizational standards
Working knowledge of Health Insurance Portability and Accountability Act (HIPAA), National Institute of Standards and Technology (“NIST”) Cybersecurity Framework, Payment Card Industry (“PCI”), Information Technology Infrastructure Library, and Information Security Best Practices
Working knowledge of security technologies such as SIEM, endpoint detection and response, network protection (IPS, NAC, firewalls), vulnerability management, identity management, etc
Strong understanding of cloud security and experience with cloud service providers (AWS, Azure, etc.) and Artificial Intelligence as it relates to healthcare entities
Provides strong leadership to the various team members through mentoring, career development, interpersonal skills, and enabling leadership skills
Exhibits effective team leadership and collaboration skills, with the ability to work effectively with others through conflicting pressures and priorities while resolving complex issues
Establishes a culture of high performance, productivity, creativity, and innovation
Stays informed on the evolving landscape of security and technology to continuously improve security practices, policies, and awareness
Performs other duties assigned

Qualification

Information Security StrategyRisk ManagementIncident ResponseCybersecurity LeadershipCISSP CertificationCloud SecurityCompliance KnowledgeSecurity TechnologiesTeam LeadershipEffective CommunicationContinuous Learning

Required

Certified Information Systems Security Professional (CISSP)
Bachelor's Degree: Computer Science or related
Leadership in Information Cyber Security - 5+ years (healthcare preferred)
Strong technical background and understanding of threats, risk mitigation and technical controls
Ability to develop, implement and monitor a strategic, comprehensive enterprise information security risk management program using a risk-based approach
Experience in driving the development and execution of a comprehensive information security strategy and incident response roadmap and plan that aligns with business goals and industry best practices
Ability to lead and partner with operations across the system to develop, modify and maintain organizational incident response plans
Experience in providing regular reporting on the current status of the information security program to executive leadership and board members
Ability to collaborate with senior management and key business stakeholders to align initiatives and resources to meet overall business objectives
Experience engaging with corporate and external auditors, compliance and legal teams to ensure compliance with internal plans, laws and regulations
Ability to establish and enforce robust information security policies, standards, and procedures
Experience leading incident response efforts in the event of a cybersecurity breach or incident
Ability to oversee a program that evaluates the security posture of third-party vendors and partners
Working knowledge of Health Insurance Portability and Accountability Act (HIPAA), National Institute of Standards and Technology (NIST) Cybersecurity Framework, Payment Card Industry (PCI), Information Technology Infrastructure Library, and Information Security Best Practices
Working knowledge of security technologies such as SIEM, endpoint detection and response, network protection (IPS, NAC, firewalls), vulnerability management, identity management
Strong understanding of cloud security and experience with cloud service providers (AWS, Azure, etc.) and Artificial Intelligence as it relates to healthcare entities
Ability to provide strong leadership to team members through mentoring, career development, interpersonal skills, and enabling leadership skills
Exhibits effective team leadership and collaboration skills
Ability to establish a culture of high performance, productivity, creativity, and innovation
Stays informed on the evolving landscape of security and technology to continuously improve security practices, policies, and awareness

Benefits

Comprehensive benefits package

Company

Carle Health

twitter
Glassdoor3.6
company-logo
Carle Health is a vertically integrated system with a bold but simple mission: to be the trusted partner in all healthcare decisions for everyone who depends on it.
dateFounded in 1946
location
Urbana, IL, US
people-size10001+ employees
web-link
http://www.carle.org

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Matthew Kolb
Executive Vice President, Chief Operating Officer
linkedin
leader-logo
Dawn Walden
Senior Vice President, Chief Revenue Cycle Officer
linkedin

Recent News

SiliconANGLE
Nvidia debuts new AI models and tools for robotics, smart cities and autonomous vehicles
2025-06-11
Fierce Healthcare
UnityPoint Health hands over central Illinois network to Carle Health
2023-04-08
Fierce Healthcare
UnityPoint Health signs deal handing over its central Illinois network to Carle Health
2022-11-11
Company data provided by crunchbase