Chief Information Security Officer
Somerville, NJ - USA
Job Summary
Mass General Brigham relies on a wide range of professionals including doctors nurses business people tech experts researchers and systems analysts to advance our mission. As a not-for-profit we support patient care research teaching and community service striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham.
Job Summary
The OpportunityAt Mass General Brigham Digital we pride ourselves on our ability to create maximum strategic clinical and operational value from established and emergent technologies for our patients care teams researchers and employees. Digital health will not only enhance the equity and efficiency of healthcare delivery but it will also help make medicine more personalized and precise.
Why Join Mass General Brigham
This is a rare opportunity to shape the future of one of the nations leading integrated healthcare systems. The CISO will play a pivotal role in advancing digital transformation cybersecurity clinical innovation and enterprise technology strategy while leading a talented team dedicated to improving patient care and advancing healthcare excellence.
What Success Looks Like
The ideal Chief Information Security Officer (CISO) will embody Mass General Brighams commitment to exceptional leadership innovation collaboration and accountability. This executive will inspire teams build trusted partnerships and drive transformative technology strategies that advance our mission of delivering world-class patient care research and operational excellence.
Leadership Competencies
Performance-Focused Leadership
The successful candidate will:
Champion a customer- and patient-centered approach fostering strong relationships and delivering technology solutions that enhance the patient and clinician experience.
Navigate complexity with confidence making sound decisions in dynamic and highly regulated environments.
Foster a culture of innovation continuously identifying new opportunities to improve organizational performance and outcomes.
Demonstrate accountability by delivering on commitments and driving measurable results across the enterprise.
Embrace continuous learning and adaptability leveraging both successes and setbacks to improve organizational effectiveness.
People-Focused Leadership
The successful candidate will:
Champion diversity equity inclusion and belonging recognizing the value of diverse perspectives in driving innovation and excellence.
Build and develop high-performing teams that leverage diverse strengths to achieve shared goals.
Foster collaboration across departments organizations and stakeholder groups to advance strategic priorities.
Communicate with clarity and purpose tailoring messages effectively for leaders clinicians staff and external partners.
Lead with integrity authenticity and transparency inspiring confidence and trust at all levels of the organization.
Key Executive Competencies
Strategic Leadership & Vision
The CISO will serve as a strategic partner to the Chief Digital & Information Officer (CDIO) helping shape and execute an integrated enterprise technology cybersecurity disaster recovery and resilience strategy aligned with Mass General Brighams long-term goals.
Key responsibilities include:
Co-developing and advancing a forward-looking technology vision that supports organizational growth innovation and operational excellence.
Leveraging data analytics and market insights to inform strategic decision-making and investment priorities.
Identifying emerging technologies and industry trends to position the organization as a leader in healthcare innovation.
Balancing transformational ambition with organizational readiness to ensure scalable sustainable change.
Promoting entrepreneurial thinking and continuous improvement across the technology enterprise.
Operational Excellence & Execution
The successful leader will have a proven ability to translate strategy into action while delivering measurable business results.
They will:
Establish clear priorities performance expectations and accountability measures across the organization.
Lead effectively through ambiguity and complexity guiding teams through change and transformation.
Make informed data-driven decisions while appropriately balancing risk and opportunity.
Demonstrate sound judgment transparency and integrity in all aspects of leadership.
Drive execution with urgency discipline and a focus on outcomes.
Talent Leadership & Team Development
The CISO will be recognized as an exceptional people leader with a strong track record of building developing and retaining high-performing teams.
They will:
Attract and cultivate top technology talent.
Foster an inclusive culture where diverse perspectives are valued and individuals can thrive.
Mentor and develop future leaders through coaching succession planning and professional growth opportunities.
Encourage resilience adaptability and continuous improvement throughout the organization.
Lead by example demonstrating humility self-awareness and a commitment to ongoing learning.
Influence Collaboration & Relationship Building
Success in this role requires exceptional interpersonal skills and the ability to build trusted relationships across a highly matrixed organization.
The ideal candidate will:
Establish strong partnerships with executive leadership clinical leaders research teams and operational stakeholders.
Communicate complex concepts clearly and effectively to both technical and non-technical audiences.
Inspire confidence and engagement through authenticity credibility and emotional intelligence.
Create a shared sense of purpose and direction that motivates teams and stakeholders to achieve common goals.
Celebrate team successes and foster a culture of collaboration and mutual respect.
Sustainability & Long-Term Value Creation
The CISO will ensure technology investments and initiatives create enduring value for patients caregivers employees communities and the organization.
They will:
Integrate business social environmental and operational considerations into strategic decision-making.
Promote responsible innovation and sustainable technology practices.
Balance short-term priorities with long-term organizational health and resilience.
Engage stakeholders to ensure technology strategies deliver broad and meaningful impact.
Lead transformative initiatives that strengthen organizational performance and create lasting competitive advantage.
Qualifications
The CISOs Key Responsibilities will include:
- Effective Information Risk Management: Create a risk aware culture ensuring that information risk is owned by relevant parts of the business to enable control and enable investments in bold innovations.
- Mature Security Capabilities: Focus on the protection of confidentiality integrity and availability of information to enable the safe and secure communication of patient interactions so that MGB continues to lead the way in academic and community healthcare.
- Secure & Resilient Platforms: Secure and resilient solutions that underpin the experience-led digital transformation across MGB whilst enhancing our crisis management capability for better preparedness.
- Data Privacy Compliance: Compliance with relevant statutory and regulatory requirements to support MGBs expanded reach into new markets.
Additional Responsibilities:
- Accountable for the end-to-end overall direction and strategy of MGBs Security function in close collaboration and alignment with the CIDOs leadership team and enterprise stakeholders; manage the relationship with Risk and Audit committees and the Board of Directors on Cyber Security issues and policies.
- Optimize effective security and privacy governance to ensure complete security of MGBs data.
- Drive security and risk processes throughout MGB to create a security-savvy workforce and implement processes that create self-service capability with a focus on simplification speed and automation.
- Contribute to security product and architecture currency by remaining relevant to any evolving threat landscape and respond swiftly to mitigate exposure to new threats and vulnerabilities.
- Manage third-party connectivity models standards assessments and relationships for MGB.
- Support and partner with peer delivery organizations within the CIDOs organization to drive secure digitally-native solutions without being a road-block.
- Lead strategic security planning to achieve business goals including the ability to articulate ideas to both technical and non-technical groups and business case justifications for security spending initiatives.
- Establish and maintain a strong partnership with technology peers enterprise risk management privacy audit and other leaders throughout the business to support the development and implementation strategies that adhere to the enterprise risk tolerance. The security team will need to anticipate technology shifts that keep peer organizations competitive yet driving these innovated solutions without compromising security posture.
- Leading through influence will be a critical competency to ensure that security is embraced pervasively throughout the MGB enterprise.
- Continuously improve existing security standards across the organization to maintain a competitive edge within the market and remain current to the changing threat landscape.
- In conjunction with other technology leaders develop implement and maintain department policies and standards designed to maximize effectiveness and minimize costs related to the acquisition implementation and operation of enterprise applications and infrastructure systems in a secure manner.
- Ensure security standards and implementation of cloud platform controls across GCP Azure and Microsoft.
- Lead acquisition and divestiture cyber due diligence to ensure M&A integration activities are completed securely on time and within budget.
- Partner with internal and external clients to ensure a high degree of system security.
- Proactively update security and technology skill sets. Stay well-informed of technological advances and continuously research better ways to accomplish tasks and integrate new security technologies.
- Maintain a constructive team-oriented and customer-focused attitude at all times and in all settings.
- Recruit and develop talent that will drive the organization to higher performance.
- This role is accountable to maintain technical compliance to regulations standards and certifications such as NIST SOX PCI and HIPAA.
Qualifications
- 2x weekly onsite or more if needed for business needs.
- Masters Degree Health Administration required
- Can this role accept experience in lieu of a degree No
- Excellent leadership interpersonal and communication skills with the ability to lead and inspire a team.
- Exceptional strategic and analytical skills with the ability to develop and implement effective healthcare -depth knowledge of healthcare regulations policies and standards.
- Exceptional business acumen with the ability to develop and execute successful business strategies.
- Ability to work well under pressure meet deadlines and manage multiple projects simultaneously 8-10 years preferred
Financial and supervisory duties
- Has oversight of 45 employees
- $18m OPEX
Additional Job Details (if applicable)
Working Model Required
- M-F Eastern Business Hours required
- Hybrid required 2x weekly or more in office onsite for stakeholder meetings or business needs must be flexible business needs
- A quiet secure compliant workspace is required for remote workdays and will be viewed and confirmed via Microsoft Teams Video
Please note* Pay rate is dependent on candidate work experience for this job level and grade MGB fair pay practices are reviewed before offers are made
Remote Type
Work Location
Scheduled Weekly Hours
Employee Type
Work Shift
EEO Statement:
Mass General Brigham Competency Framework
At Mass General Brigham our competency framework defines what effective leadership looks like by specifying which behaviors are most critical for successful performance at each job level. The framework is comprised of ten competencies (half People-Focused half Performance-Focused) and are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance make hiring decisions identify development needs mobilize employees across our system and establish a strong talent pipeline.
Required Experience:
Chief
About Company
Patients at Mass General have access to a vast network of physicians, nearly all of whom are Harvard Medical School faculty and many of whom are leaders within their fields.