Chief Information Security Officer

• Provides strategic leadership in evaluating and mitigating information security threats across the organization using a structured, risk-based methodology
• Directs the ongoing development of the department’s information security program, including project portfolio management, incident response, policy frameworks, compliance activities, threat and vulnerability management, and third-party risk management
• Allocates and manages resources to support a robust security strategy
• Partners with the Office of Compliance and Privacy Affairs to assess data security risks related to contracts, projects, artificial intelligence solutions, and other initiatives
• Builds alignment and support for security goals and initiatives across internal and external stakeholders
• Promotes awareness and understanding of regulatory requirements across the organization
• Analyzes security requirements and ensures compliance with industry standards such as HIPAA, NIST, and PCI-DSS
• Establishes and maintains comprehensive policies and procedures to support effective and sustainable security operations
• Serves as the department’s representative in security-related matters with City agencies and partners
• Continuously monitors emerging trends, technologies, and best practices in cybersecurity

• Bachelor’s degree from an accredited college or university
• Five (5) years of professional healthcare information systems security experience, of which three (3) years must include supervising IT professionals

Possession of a Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) certification