66 applicants

Company

Point32Health · 7 hours ago

Director, Cyber and Information Security - Operational Resiliency & Crisis Management

Remote Worker Home Office (CT)

Full-time

Remote

Director/Executive

10+ years exp

Maximize your interview chances

Health CareInsurance

Insider Connection @Point32Health

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Manage a team of managers/senior leaders responsible for overseeing the core pillars of Cyber & Information Security

Develop and implement policies, standards, and guidelines that continuously increase the organization’s Cyber & Information Security program maturity

Communicate potential security concerns/exposures with recommended improvements

Lead communication and collaboration efforts with the business and IT to ensure quality solutions are delivered

Evangelize the objective to embed security behaviors and principles into the Point32Health culture through active engagement, education, awareness, and partnership

Develop operational excellence in anticipation and response to evolving threats and opportunities to improve cyber and information security

Identify business risk and communicate risk to appropriate leadership

Collaborate with stakeholders to define and implement technical and non-technical controls designed to cyber risk objectives and legal / regulatory obligations.

Maintain the risk repository to continually identity, prioritize, and mitigate cyber and information security related risk issues

Participate in various forums and groups across Point32Health to understand the risk environment and to provide recommends that effectively incorporate security objectives while balancing the business impact of recommendations provided

Facilitate adoption of leading security practices to remain in compliance with regulations and to support our continuous monitoring and improvement goals

Maintain up-to-date knowledge of the cyber and information security industry, including awareness of new or revised security capabilities, improved security processes, threat scenarios, trends, etc.

Identify/recommend tools, processes, software, and protocols to advance or replace current security practices, services, or technologies to meet strategic objectives.

Other duties and projects as assigned.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Cyber SecurityRisk ManagementNISTISOIT Security SolutionsSecurity ControlsAuditComplianceVendor ManagementIT InfrastructureApplication DesignSecure SDLCRelationship Building

Required

Bachelor’s degree in Cyber Security, Computer Science, Risk Management, or related field preferred or equivalent experience

10+ years combined IT, cyber/information security, risk, audit, compliance, with increasing responsibility

5+ years in cybersecurity or field(s) related to the programs for which the role is responsible for

5+ years in a leadership role, preferably with at least 2 of those years overseeing other managers

Experience in leading or sponsoring implementation of technical security solutions within large organizations

Experience developing and implementing process-based security controls, processes, and capabilities

Experience in engaging with and managing vendors responsible for implementing processes and/or IT solutions

Experience creating and maintaining security requirements, guidelines, and procedure documents

Extensive knowledge and experience in security and compliance frameworks such as NIST, ISO, etc

Ability to lead a team, including managers, through mentoring, coaching, and motivating - providing an opportunity to learn and grow at Point32Health

Requires the ability to identify risk within complex, interrelated programs; ability to assess dynamic situations objectively; and to make recommendations or decisions that best align with the corporate strategic objectives

Ability to communicate effectively across multiple levels of the organization including managing through cross-business area or business unit prioritization discussions

Strong relationship building skills; Must be able to work collaboratively and cooperatively as a team member, fostering an atmosphere of trust and respect

Ability to influence all levels of staff and senior management in the decision-making process

Deep understanding of IT infrastructure, program portfolio management, application design, and secure software development lifecycle (SDLC) methodologies

Must be able to work under normal office conditions and work from home as required.

Work may require simultaneous use of a telephone/headset and PC/keyboard and sitting for extended durations.

May be required to work additional hours beyond standard work schedule.