Chief Information Security Officer
Renown Health
Reno, Nevada
October 10, 2021
Position Purpose
Reporting to the Chief Information Officer (CIO), the Chief Information Security Officer (CISO), with a dotted line to the Chief Compliance Officer, provides vision and leadership for developing and supporting security initiatives. The CISO directs the planning and implementation of enterprise IT system, business operation, and facility defenses against security breaches and vulnerability issues. This individual is also responsible for auditing existing systems, while directing the administration of security policies, activities, and standards. The incumbent establishes and maintains a comprehensive company-wide information security program to ensure that information assets are adequately protected against current, future, internal and external threats. The position is responsible for identifying, directing, coordinating, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements while enabling the company to develop an anticipatory response to minimize information security risk. The Chief Information Security Officer position acts as the key liaison and focal point in the company for all information security communications and projects. The CISO manages the relationship between Renown and all managed services partners.
Nature and Scope
Provides executive leadership, vision and managerial oversight in the development and implementation of security strategies to define policies and processes that enable consistent, effective information security practices and minimize risk. Determines projects and priorities for all information security issues. Establishes short and long-range business plans to achieve the necessary security to protect organization assets.
Leads strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies using a risk-based assessment methodology.
Develops and communicates security strategies and plans to executive team, staff, partners, customers, and stakeholders.
Assists with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Develops, implements, maintains, and oversees enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
Establishes a security program for Renown Health incorporating regulatory standards and methodologies and provides reporting to ensure that standards are followed.
Oversees daily security activities to manage risk at an appropriate level, ensure effective response to incidents, and optimize secure data access and utilization.
Directs the communication and dissemination of organization information security standards, and advises senior executives regarding potential internal or external data security threats. Acts as advocate and primary liaison for the company's security vision via regular written and in-person communications with the company's executives, department heads, and end users.
Manages information security team to proactively analyze and directly respond to internal and external threats to system stability including unauthorized access such as vulnerability assessments, record attempts; minimizes/mitigates risk to information and systems.
Deploys an integrated risk management approach to create executive-level perspectives and status reports regarding all security risks we may encounter, including risks in physical security, access and control issues, data security and contingency planning.
Establishes and enforces a process to ensure that all users receive appropriate information security training to perform duties along with periodic information security awareness training; ensures appropriate levels of information security awareness and personal responsibility.
Provides leadership, direction and oversight to the security team. Manages the human resources activities of Information Security in accordance with established policies and procedures.
Develops, tracks, and controls the security services annual operating and capital budgets for purchasing, staffing, and operations.
Minimum Requirements:
Expertise in technical and business environment, familiarity with national security standards, experience with business continuity, disaster recovery, auditing, risk management, vulnerability assessments, contract/vendor negotiations, and cyber-security and incident management.
Extensive knowledge of information security technologies, markets and vendors including firewall, intrusion detection, assessment tools, encryption, certificate authority, web, and application development.
Experience in and assessment methodologies, procedures and best practices that relate to information networks, systems, and applications
Experience in application security, database technologies used to store enterprise information, directory services, financial information, and information systems auditing.
Experience in identity and access management, security program policies, processes, standards, requirements and procedures and various supporting security technologies.
Ability to apply in-depth critical and analytic thinking skills to unique problems and projects to provide effective assessment and solution generation.
Ability to communicate technical issues to non-technical employees.
Experience leading large and complex projects to plan, manage and coordinate diverse company-wide technical projects.
Preferred Requirements:
Healthcare and insurance industries work experience.
Enterprise-wide administration expertise.
Leadership experience managing direct reports with a focus on building a high-performance team in a rapid growth mode.
Combination of education, experience and training must qualify the candidate as an information security expert.
This position does not provide direct patient care.
Disclaimer
The foregoing description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job.
Minimum Qualifications
Requirements - Required and/or Preferred
Name
Description
Education:
Bachelor's in Information Technology, Business or similar required.
Master's degree in Information Technology, Business or similar preferred.
Must have working-level knowledge of the English language, including reading, writing and speaking English.
Experience:
Ten years of experience working in a medium to large Information Systems department required.
Five years of management experience in an information systems department required.
Oversight of large IT project experience desired.
Strong relevant technical knowledge is strongly preferred.
Experience managing customer relationships preferred.
License(s):
None
Certification(s):
Required to have 2 of the following certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems/Security Manager (CISM), Certified Risk and Information Systems Control (CRISC).
Computer / Typing:
Must be proficient with Microsoft Office suite, including Outlook, PowerPoint, Excel and Word, and have the ability to use the computer to complete online learning requirements for job-specific competencies, access online forms and policies, complete online benefits enrollment, etc.