VP Chief Information Security Officer - Akron, United States - Akron Children's

    **VP Chief Information Security Officer**

    Akron, OH

    IT IS

    **Job Description**

    **About Akron Children's Hospital**

    Akron Children's Hospital has been caring for children since 1890, and our pediatric specialties are ranked among the nation's best by U.S. News & World Report. With two hospital campuses, regional health centers and more than 50 primary and specialty care locations throughout Ohio, we're making it easier for today's busy families to find the high-quality care they need. In 2020, our health care system provided more than 1.1 million patient encounters. We also operate neonatal and pediatric units in the hospitals of our regional health care partners. Every year, our Children's Home Care Group nurses provide thousands of in-home visits, and our School Health nurses manage clinic visits for students from preschool through high school. With our Quick Care Online virtual visits and Akron Children's Anywhere app, we're here for families whenever and wherever they need us. Learn more at .

    OUR PROMISES

    To treat every child as we would our own

    To treat others as they would like to be treated

    To turn no child away for any reason

    Prior to the start date, full COVID-19 vaccination is required for employment. Full vaccination is defined as 14 days after the last received vaccination. Boosters are excluded from this requirement.

    We are seeking people who are committed to fostering a diverse environment in which patients, family and staff from a variety of backgrounds, cultures, and personal experiences are welcomed, included and can thrive.

    **Summary:**

    The Chief Information Security Officer is the key advisor to the CIO and other enterprise leadership on information security matters. The CISO is responsible for the planning and development of an enterprise information cybersecurity strategy and best practices in support of the enterprise's information security architecture. The CISO role serves as an expert advisor to the CIO, administrative staff, directors and senior management in the development, implementation, and maintenance of a company-wide information security governance framework to ensure best practice control objectives are achieved for cyber system and data integrity, availability, confidentiality, accountability, and assurance. The CISO oversees IT Information Security and recommends and prioritizes investments and technology projects that mitigate overall cybersecurity risks, strengthen defenses, and reduce vulnerabilities for development, internal and client-facing systems. Acts as corporate advocate for information security and business continuance best practices. Consults with senior IT and business leaders regarding their information security risks and responsibility in minimizing those risks. Must have deep technical knowledge and experience in cybersecurity to ensure that information systems are maintained in a fully functional and secure mode and are compliant with legal, regulatory, and contractual obligations. Additionally, you will work with executive management to determine acceptable levels of risk for the organization.

    **Responsibilities:**

    Define and execute information security governance processes, including security reviews, to ensure that the confidentiality, integrity, and availability of enterprise information are assured

    Establish requirements for, and oversee operation of, an enterprise information security architecture and infrastructure that includes Security Information and Event Management, Network and Host Intrusion Detection/Prevention Systems, Vulnerability Scanning and Penetration Testing

    Develop, maintain, and apply an enterprise information security policy and applicable standard operating procedures for security activities; ensure all critical business processes are covered including mergers and acquisitions, enterprise resource planning, supply chain, human resources, continuity of operations, disaster recovery, incident response, and others.

    Monitor the environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action

    Coordinate information security projects with resources from the IT organization and business unit teams

    Monitor threat intelligence from multiple sources. Determine the likelihood and potential impact of threats to the environment. Develop communications for various audiences as appropriate (e.g., all hands, executives, application developers, audit board).

    Maximize technologies along with internal and external resources to achieve appropriate logging and monitoring.

    Promote information technology risk management and information security awareness, education, and training for the health system. Leverage deep understanding of organizational culture and risk tolerance to influence positive change across the enterprise moving toward a more information risk-aware culture.

    **Other information:**

    Bachelor's degree in Business Administration or a technology-related field and minimum of 8-12 years of relevant experience in a combination of risk management, information security and IT roles.

    Security Certification of CISSP, HCISPP, SSCP or similar is required.

    Comprehensive knowledge of IT security technologies, techniques and best practices that cover all levels of IT architecture, including those that affect business processes, data applications and network and systems infrastructure and their effects on a diverse computing environment.

    Thorough knowledge of the various industry and government strategies and standards in privacy and security including Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (COBIT), International Organization for Standardization (ISO), US National Institute of Standards and Technology (NIST) and others where applicable.

    Expert experience in general IT, TCP/IP networking, intrusion detection systems, firewalls, virtual private networks, access controls, encryption techniques, IT security solution deployment strategies and management and vulnerability assessments.

    Expert experience in securing cloud-based applications and infrastructure environments (e.g., AWS, Azure, Office 365, Google, etc.) utilizing CASB or a similar approach

    Knowledge of business continuity planning and risk management

    Excellent project management, written and oral communication skills

    Experience with contract and vendor negotiations and management including managed services

    Innovative thinking and leadership with the ability to lead and motivate cross-functional, interdisciplinary teams

    Experience in risk management and auditing is a plus

    This is not a 100% remote opportunity. Candidates must be available to work on-site in at least a hybrid capacity.

    Full Time

    FTE:

    **Akron Children's Hospital is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.**

    **EEO is the law, please click/copy paste the link below to learn more:**