Director Information Security and Risk Management

Shift:

Director Information Security and Risk Management

In an era where cyber threats evolve faster than ever safeguarding patient lives groundbreaking research and educational excellence demands visionary leadership. As Director of Information Security & Risk Management at Nebraska Medicine and UNMC youll set the enterprise-wide cybersecurity strategy owning the vision reliability and lifecycle of resilient defenses that protect our mission: transforming lives and creating a healthier future through extraordinary patient care innovative research and premier education. Lead high-impact teams in delivering secure scalable solutions while influencing executives to champion innovation operational excellence and unbreakable trust in our academic health system.

Details: Director Information Security and Risk Management

• Candidates must reside in NE or IA
• This is a hybrid position - MUST BE ABLE TO WORK ON CAMPUS
• Preferred consideration will be given to applicants with Risk management and compliance expertise including HIPAA NIST CSF PCI and other regulatory framework
• Resume REQUIRED for consideration

Why Work at Nebraska Medicine

• Together. Extraordinary. Join a team that values your skills delivering exceptional care through collaboration.
• Leading Health Network Work with the regions top academic health network partnering with UNMC to transform lives through education research and patient care.
• Dignity and Respect: We value all backgrounds and experiences reflecting the communities we serve.
• Educational Support Enjoy up to $5000/year in tuition assistance a 35% discount at Clarkson College and career advancement opportunities with covered educational costs. Enjoy support for your personal growth within the organization from those just starting their healthcare careers to those who are years down the path.

Be part of something extraordinary at Nebraska Medicine!

The Director of Information Security & Risk Management sets the strategic direction for enterprise Cybersecurity & IT Risk across Nebraska Medicine and UNMC. This role oversees multiple teams and functions ensuring alignment of IT strategy with organizational goals for patient care education and research. Owns the vision reliability and lifecycle of Cybersecurity & Risk Management managing portfolios and investments to deliver secure resilient and scalable solutions. Acting as an enterprise leader this position influences senior leadership and executives to drive innovation and operational excellence.

Required Qualifications: Director Information Security and Risk Management

Minimum of 10 years progressive experience in Information Security & Risk engineering including large complex multisite environments required.

Minimum of 5 years leading technical teams with 247 operational accountability required.

Bachelors degree in computer science Information Systems Engineering or related field required.

Handson expertise with enterprise Cybersecurity Identity & Access Management and Risk management required.

Demonstrated mastery of ITIL processes (incident change problem) and service reporting required.

Strong vendor management and budgeting experience required.

Preferred Qualifications: Director Information Security and Risk Management

Healthcare delivery organization & higher education/research experience and familiarity with clinical communications preferred.

CISSP CISM CRISC ITIL PMP certifications preferred.

Proven experience developing and executing enterprise security strategies including identity and access management GRC and security engineering preferred.

Hands-on leadership of SOC operations incident response and threat intelligence programs preferred.

Risk management and compliance expertise including HIPAA NIST CSF PCI and other regulatory frameworks preferred.

Cloud security and zero-trust architecture implementation experience preferred.

Vendor risk management and third-party security assessments in complex ecosystems preferred.

Security automation and DevSecOps integration within CI/CD pipelines preferred.