Leads the enterprise cybersecurity function with a cloud- and AI-forward posture
Accountable for defining and executing the cybersecurity strategy, operating model, and risk posture for modern cloud platforms and AI-enabled products and services
Partners with Engineering, Infrastructure, Data/AI, and clinical/business leaders to embed security-by-design through strong cloud & AI security architecture, effective security operations, and measurable risk management
Responsible for the overall end-to-end management of the company’s cybersecurity program for corporate and cloud environments across our footprint
Develops and leads the cybersecurity function in execution of the company’s strategy, establishing security-by-design through security architecture and delivering secure, compliant, scalable platforms
Owns and evolves the enterprise security architecture, aligning to shared responsibility models and business risk tolerance
Establishes best practices AI security architecture for AI/ML and GenAI use cases
Partners with Engineering and Data/AI teams to embed DevSecOps and secure AI/ML lifecycle practices
Develops and implements strategic, technical, and operational security/infrastructure controls that are properly aligned with organizational goals and objectives
Manages the Security Operations team responsible for maintaining security configurations
Executes and improves the core functions of the Cybersecurity Operations Center
Manages security vendors including Approved Scanning Vendors, Managed Security Service Providers, and external pen test vendors
Responsible for creating and maintaining dashboards that monitor security and risk KPIs
Serves as internal information security consultant on information security projects/initiatives
Works closely with the Engineering, Applications, and Infrastructure teams to design and implement automated security controls in operational methodology

Requirements

Bachelor’s degree in information technology or a related field or 4 years of U.S. Military cybersecurity training experience
8+ years of security related experience in healthcare
4+ years of management or supervisory experience
In depth knowledge of security processes
In depth knowledge of incident response, investigative, and forensic procedures
In depth knowledge of security tools including threat detection and prevention, systems and network security monitoring, vulnerability management, certificate services, data loss prevention (DLP), endpoint protection (IDR/EDR), and SIEM technologies
Experience obtaining HiTRUST certification and SOC2 Type II attestation
Broad knowledge of Identity Access Management, including PAM/PIM
Broad knowledge of enterprise systems, operating systems, and hardware platforms
Broad knowledge of storage technologies, local storage, Arrays, SAN's, IP-Storage, NAS, File Systems
Deep knowledge of cloud platforms and security controls (e.g., IAM, network segmentation, encryption/key management, logging/monitoring, vulnerability management) and cloud security posture/workload protection concepts
Working knowledge of AI/ML and GenAI security concepts, including data governance, model and pipeline security, threat modeling, security testing/evaluation, and AI risk management frameworks (e.g., NIST AI RMF)
Proven ability to define and govern security architecture (principles, standards, reference architectures, patterns, and guardrails) and influence engineering roadmaps through risk-based decision-making
Basic knowledge of financial models and budgeting
Ability to understand the long-term ("big picture") and short-term perspectives of situations
Ability to quickly comprehend the functions and capabilities of new technologies
Ability to work with individuals of all levels with varying technical skills
Ability to work under pressure with minimal supervision, managing multiple projects simultaneously
Ability to work within a high performing team against tight deadlines
Ability to interface and communicate well across all departments of the organization and with Technology leadership at ownership organizations
Familiarity with Agile/Scrum methodologies preferred
Experience with ADO preferred
In depth knowledge of PCI/DSS, HIPAA and SOX audits, and other industry audits preferred

Benefits

Health, Dental, Vision, Disability & Life Insurance, and much more
401K Retirement Plan (with company match)
Tuition, Professional License and Certification Reimbursement
Paid Time Off, Holidays and Volunteer Time
Paid Orientation and Training
Great Place to Work Certified

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity strategycloud security architectureAI security architectureDevSecOpsincident responseforensic proceduresvulnerability managementendpoint protectionSIEM technologiesidentity access management

Soft Skills

leadershipcommunicationproject managementrisk-based decision-makingteam collaborationproblem-solvingadaptabilitypressure managementstrategic thinkinginterpersonal skills

Certifications

HiTRUST certificationSOC2 Type II attestation