Director Chief Information Security Officer - IS Technology jobs in United States

St. Peter's Health · 1 month ago

Director Chief Information Security Officer - IS Technology

St. Peter's Health is a healthcare organization seeking a Chief Information Security Officer (CISO) to lead their information security strategy and program. The CISO will be responsible for protecting the organization's information assets, managing security risks, ensuring compliance with regulations, and fostering a security-conscious culture throughout the organization.

Health Care · Hospital · Non Profit
H1B Sponsor Likely

Responsibilities

Develop and execute a comprehensive, long-term information security strategy and roadmap that is aligned with the organization's clinical and business objectives
Establish and maintain the organization's information security management framework (e.g., based on 405D, NIST CSF, ISO 27001, or HITRUST)
Collaborate with SPH leadership, including the Board of Directors, to define the organization’s risk tolerance and regularly report on the overall security posture, emerging threats, and mitigation plans
Manage the information security budget and oversee all security-related technology investments
Lead enterprise-wide risk assessments to identify, prioritize, and manage security risks to all information systems and data
Ensure rigorous compliance with all relevant federal, state, and international data privacy and security regulations, including HIPAA/HITECH, GDPR, and other applicable laws
Oversee the development, implementation, and maintenance of all security policies, procedures, and standards
Manage audit readiness and lead remediation efforts for all internal and external security and compliance audits (e.g., HITRUST, SOC 2)
Oversee a robust Vendor and Third-Party Risk Management program to assess and mitigate security risks introduced by external partners
Direct security operations, including threat and vulnerability management, identity and access management (IAM), Security Information and Event Management (SIEM), and endpoint protection
Lead the development, implementation, and ongoing testing of the Incident Response (IR), Disaster Recovery (DR), and Business Continuity (BC) plans to ensure operational resilience for clinical and administrative systems
Serve as the executive crisis manager for all major security incidents and breaches, coordinating investigation, forensic analysis, root cause determination, and executive-level communications
Oversee the security of electronic health record (EHR) systems, medical devices, and all clinical technology platforms
Build, mentor, and lead a high-performing information security team with expertise across governance, risk, compliance (GRC), and security operations (SecOps)
Foster a strong, security-conscious culture across the entire organization (employees, clinicians, and contractors) through mandatory and role-specific security awareness and training programs
Act as a collaborative partner to all business units, including IT, Clinical Operations, Legal, and HR, to ensure security is embedded into all new technologies and clinical workflows

Qualification

Information Security Strategy
Risk Management
Cybersecurity Technologies
Healthcare Compliance
Incident Response
EHR Systems
Security Frameworks
Vendor Risk Management
Executive Communication
Leadership
Communication

Required

Minimum 2 years of progressive experience in Information Security, with at least 2 years in a senior leadership/executive role (CISO or equivalent)
Deep and demonstrated expertise in the healthcare industry, with a strong understanding of clinical workflows, EHR systems, and the protection of PHI
Expertise with enterprise-grade security architecture, including IAM, cloud security (AWS/Azure/GCP), network segmentation, and advanced threat detection tools
Proven track record of conducting and managing enterprise risk assessments and developing effective mitigation strategies
Bachelor's degree in Computer Science, Information Security, or a related field

Preferred

Minimum 2 years in a senior leadership/executive role (CISO or equivalent)
Deep and demonstrated expertise in the healthcare industry, with a strong understanding of clinical workflows, EHR systems, and the protection of PHI
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified Chief Information Security Officer (CCISO)
HITRUST CSF Practitioner (CCSFP)
Master's degree

Company

St. Peter's Health

St. Peter's Health partners with the community to provide exceptional and compassionate health care.

H1B Sponsorship

St. Peter's Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. The information below is provided for reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships: 2024 (2), 2022 (1)

Funding

Current Stage
Late Stage

Leadership Team

Nathan Coburn
Chief Financial Officer
Cindy Bultena
Chief Nursing and Patient Experience Officer
Company data provided by crunchbase