$162K - 239K a year
Develop and maintain an enterprise-wide information security program ensuring compliance with healthcare regulations and managing IT security risks.
Master's degree in IT or related field, 10+ years healthcare IT security experience, leadership in IT management, preferred IT security certifications, and knowledge of security frameworks.
Under the direction of the Senior Vice President (SVP) & Chief Information Officer (CIO), the Executive Director IT Security and CISO is responsible for the IT Security and Compliance functions for the organization. You will develop, direct, and maintain an enterprise-wide information security program to ensure that information assets are adequately protected. This position oversees the identification, evaluation, and reporting of information security risks in a manner that meets industry compliance and regulatory requirements. You are directly responsible for ensuring that each significant software deployment or release of our mission-critical applications, including Epic and those subject to Centers for Medicare & Medicaid Services ("CMS"), regulatory, and Office for Civil Rights ("OCR") requirements, meets or exceeds the healthcare company's compliance requirements. In this role, you will proactively work with the HIPAA Compliance Specialist and functional business areas to implement practices that meet defined policies and standards for information security and compliance. This leadership position serves as the process owner for all ongoing activities related to the availability, integrity, and confidentiality of patient, customer, business partner, employee, and clinical/business information, in compliance with the organization's information security policies.

Annual Salary Range: $161,886.40 - $238,825.60

Qualifications

Education:
• Requires a Master's degree in Information Technology, Computer Science, Management Information Systems, or a related field; or an equivalent combination of training and progressively responsible experience that results in the specialized knowledge and abilities required to perform the assigned work.

Experience:
• Must have a minimum of ten (10) years of progressively responsible healthcare Information Systems software/system security and privacy experience that demonstrates a high level of understanding of the required knowledge, skills, and abilities.
• Experience must include demonstrated leadership ability, preferably as a Director of IT or in a related management position in a healthcare setting.

Specialized Training:
• Preferred: exposure to an EMR (Epic preferred) in a large ambulatory and teaching hospital environment, particularly as it relates to HIPAA privacy compliance.

Certification/Licensure:
• Preferred: Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), Certified Information Security Manager (CISM), or other relevant IT security certifications.

Knowledge, Skills & Abilities:
• Must be a successful leader of people, with strong leadership skills and the ability to motivate a team.
• Must be able to decide how to allocate people, time, and other resources to create, execute, and accomplish an operating or project plan on time and within budget.
• Must have solid analytical and problem-solving skills, along with the ability to apply appropriate management techniques to plan, organize, control, and coordinate activities.
• Must be able to manage priorities in a dynamic environment and adapt to change quickly and positively. Must be self-directed and demonstrate excellent organizational, analytical, and interpersonal skills.
• Must be able to work as a team member with peers, other managers, staff, and senior leadership.
• Must possess good customer service and communication skills, the ability to work with professionals, and the ability to maintain confidentiality standards.
• Must have highly developed business acumen with a working knowledge and understanding of business processes.
• Must possess knowledge of security and control frameworks, such as NIST, ISO, COBIT, COSO, HITRUST CSF, and ITIL.
• Advanced knowledge of the NIST Risk Management Framework and Cybersecurity Framework is required.
• Requires the ability to read, write, and speak effectively in English.

Location: Valleywise Health System · IT Security
Schedule: Regular FT, 40 Hours Per Week, Days
This job posting was last updated on 10/5/2025