Dir Cybersecurity
Dir Cybersecurity
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Overview
Director of Cyber Security IT Cyber Security
Full-Time Day Shift 80 hours per pay period
Covenant Health Overview:
Covenant Health is the regions top-performing healthcare network with 10hospitalsoutpatient and specialtyservicesandCovenant Medical Group our areas fastest-growing physician practice division. Headquartered in Knoxville Covenant Health is a community-owned integrated healthcare delivery system and the areas largest employer. Our more than 11000 employees volunteers and 1500 affiliated physicians are dedicated to improving the quality of life for the more than two million patients and families we serve every year. Covenant Health is the only healthcare system in East Tennessee to be named a Forbes Best Employer seven times.
Position Summary:
TheDirector of Cybersecurityreports to the Chief Information Security Officer (CISO) and is responsible for overseeing cybersecurity operations and strategy within Covenant Health. This role ensures Confidentiality Integrity and Availability of information assets particularly sensitive data (PHI). This role also involves setting the vision and direction for cybersecurity services implementing standards and security policies that are maintained and managing technical implementation projects. The Director of Cybersecurity has financial and budgetary responsibilities manages a wide range of vendors and external partners and personnel management within the cybersecurity area. This position leads and ensures performance management and career development for an extended team of cybersecurity professionals. The role also involves developing strategic cybersecurity roadmaps and collaborating with other IT and clinical technology teams within the health system to secure sensitive data and ensure compliance with HIPAA regulations
Recruiter:
Susanna Mcguinn
Responsibilities
Leadership & Team Management
- Leadership:Direct and provide leadership to all cybersecurity staff including Security Analysts Incident Responders and Compliance Specialists
- Change Agent:Support and lead the efforts to change team cultures dynamics processes and technologies that provide modern solutions to the organization
- Team Management:Lead cybersecurity management team to ensure performance management and career development. Provide technical leadership and direction delegate responsibilities appropriately and identify management development opportunities
- Staff Development:Provide leadership development coaching and guidance to ensure the appropriate departmental developmental goals are set and achieved
- Ongoing Continuous Development:Champion innovative efforts and stay abreast of leading-edge solutions for recruitment development and retention of the cybersecurity workforce
Cybersecurity Operations
- Operations Oversight:Oversee the day-to-day operations of cybersecurity measures including monitoring detection and response to security incidents
- Incident Response:Lead the incident response team in managing and resolving security breaches and incidents
- Compliance:Ensure compliance with HIPAA and other relevant regulations and standards
- Technical Implementation:Lead technical implementation projects related to cybersecurity creating plans and strategies to meet the needs of the organization
- Continuous Improvement:Stay informed about emerging technologies and industry trends making recommendations for improvement
Strategic Planning & Implementation
- Strategic Planning:Develop and maintain strategic cybersecurity roadmaps provide tactical action plans and ensure optimum planning of cybersecurity projects and resources
- Resource Planning:Conduct proactive resource planning based on anticipated demand
- Milestone Establishment:Establish deliverables and projected milestones for solution delivery in partnership with business leaders and Senior Executives
- Technical Roadmap: Lead the development of cybersecurity strategies and technical roadmap ensuring integration with overall IT and organizational strategies
Vendor & Budget Management
- Vendor Management:Manage relationships with cybersecurity vendors ensuring that contracts and agreements are in place and that vendor performance meets organizational standards
- Budget Management:Develop annual operating budgets and long-term capital budgets for cybersecurity projects
Operational Efficiency
- Performance Monitoring:Monitor network and systems performance ensuring availability and reliability. Perform capacity planning
- Service Management:Oversee operational and service management processes to ensure performance of all technology subcontractors
Collaboration & Relationship Building
- Collaboration:Collaborate with other IT teams and clinical IT teams to ensure alignment and integration of cybersecurity services within the health system
- Relationship Building:Develop relationships with key business leaders to identify service gaps and propose solutions. Maintain credibility with key individuals at hospitals and corporate offices along with Legal HR and Privacy/Compliance.
Security Awareness and Training Programs
- Training Programs:Develop and implement security awareness and training programs for employees to ensure they understand and adhere to cybersecurity policies and procedures.
Third-Party Risk Management
- Risk Management:Oversee the assessment and management of cybersecurity risks associated with third-party vendors partners and bio-medical devices.
Policy Development and Enforcement
- Policy Development:Develop implement and enforce cybersecurity policies standards and procedures to ensure compliance with regulatory requirements and industry best practices.
Security Architecture and Design
- Architecture and Design:Lead the design and implementation of secure network architectures and systems to protect sensitive data and ensure the integrity of IT infrastructure.
Incident Management and Forensics
- Incident Management:Oversee incident management and forensic investigations to identify root causes mitigate risks and prevent future incidents.
Regulatory Compliance
- Regulatory Compliance:Ensure compliance with relevant regulations such as HIPAA HITECH and other healthcare-specific cybersecurity requirements.
Business Continuity and Disaster Recovery
- Continuity and Recovery:Develop and maintain business continuity and disaster recovery plans to ensure the organization can quickly recover from cybersecurity incidents.
Other Responsibilities
- Local Travel:Required for the role
- Other Duties:Perform other related duties as assigned
Qualifications
Education:
- Bachelors degree or equivalent experience in cybersecurity information technology or a related field is required
- Masters degree graduate certificate or certifications such as CISSP CISM or CISA are strongly preferred
Experience:
- Minimum of 7 years of leadership experience in cybersecurity within an enterprise-sized IT organization is required
- Experience in healthcare technology and healthcare/hospital clinical information systems preferred
Employment Type
Full-Time
