Address
Form of workOverview:
Digital Products & Services team members are responsible for securely managing information systems throughout their lifecycle, including knowing what information systems are within their scope of responsibility, understanding what sensitive data is stored, transmitted, or processed on those information systems, enforcing the security principles of least privilege and least functionality, knowing what events may constitute an Information Security incident, and understanding their role in security incident response activities.
The Chief Information Security Officer (CISO) is accountable for establishing and managing the enterprise vision, strategy, and program to manage cybersecurity risk to acceptable levels. The CISO acts as an expert advisor to senior leadership by providing cybersecurity decision support for strategic business initiatives. The team member demonstrates effective leadership, communication, relationship building, and decision making at every opportunity.
#JoinTeamAubergine #NovantHealth Let Novant Health be the destination for your professional growth.
At Novant Health, one of our core values is diversity and inclusion. By engaging the strengths and talents of each team member, we ensure a strong organization capable of providing remarkable healthcare to our patients, families and communities. Therefore, we invite applicants from all group dynamics to apply to our exciting career opportunities.
Qualifications:- Education: Bachelor's degree , required. Master's degree, preferred.
- Experience: Ten (10) years Information Security experience; Ten (10) years of IT related experience; Experience working in a complex healthcare environment; Experience in carrying out leadership roles and responsibilities, required.
- Licensure/Certification: CISSP and CompTIA Security+ and ITIL Foundation (or equivalent), required. CISM, CRISC, CGEIT, CISA, CASP, COBIT Foundation (or equivalent), preferred.
- Additional Skills (required):
Advanced knowledge of cybersecurity principles.
Advanced knowledge of the NIST Cybersecurity Framework for Critical Infrastructure, NIST 800-53rev5, HIPAA, PCI DSS, and ITIL.
Advanced knowledge of Information Security program management principles.
Advanced knowledge of the organization's core business/mission processes.
Advanced knowledge of resource management principles and techniques.
Advanced knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Advanced knowledge of cyber threats and vulnerabilities.
Advanced knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity
Advanced knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
Advanced knowledge of incident response and handling methodologies.
Intermediate knowledge of Information Technology life cycle processes.
Intermediate knowledge of security architecture concepts and enterprise architecture reference models.
Intermediate knowledge of enterprise risk management concepts and best practices.
Intermediate knowledge of cybersecurity awareness and training concepts.
Repudiation of information and data.
Intermediate knowledge of security continuous monitoring and incident detection principles.
Basic knowledge of computer networking concepts and protocols, and network security methodologies.
Basic knowledge of server and client operating systems.
Ability to plan strategically.
Ability to successfully handle multiple high priority initiatives simultaneously, with minimal direction.
Ability to successfully lead team members in an environment that motivates them to high levels of performance.
Ability to develop productive working relationships with a broad range of business and technical professionals.
Ability to think critically.
Ability to exercise judgement and make decisions when in ambiguous situations.
Ability to interpret and apply laws, regulations, policies, and guidance relevant to organizational objectives.
Ability to effectively communicate with technical and non-technical audiences including members of the executive team and board.
Ability to negotiate resolutions for conflicting security and business objectives.
Ability to travel to multiple locations as needed.
Ability to lead a diverse team comprising of on-site, remote, and hybrid resources.
Advanced skill in communicating with all roles, from individual contributors to members of the board (i.e., interpersonal skills, listening skills, presentation skills, etc.)
Skill in deconflicting cybersecurity operations and activities.
Skill in using MS Office productivity tools.
High degree of professional poise, presence, and personal integrity.
High-level of attention to detail.
- Additional Skills (preferred):
Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity and healthcare & public health.
Knowledge of systems lifecycle processes and related security integration points.
Knowledge of development, security, and operations (DevSecOps) processes.
Knowledge of new and emerging technologies and their applicability to cybersecurity.
It is the responsibility of every Novant Health team member to deliver the most remarkable patient experience in every dimension, every time.
- Our team members are part of an environment that fosters team work, team member engagement and community involvement.
- The successful team member has a commitment to leveraging diversity and inclusion in support of quality care.
- All Novant Health team members are responsible for fostering a safe patient environment driven by the principles of "First Do No Harm".
