Director Information Security

TRC seeks a full time Information Security Director with a leading healthcare system in Gainesville, GA. Position is fully onsiite.

Job Summary

Serves the organization, patients, and other customers by providing a wide range of Information Security, Cyber Security & related technical services. Assists in the formulation of strategic planning for both short- and long-term activities, and performing all other duties as assigned by the Chief Technology Officer. Operationally skilled, willing and eager to dive into deep technical challenges to provide direction, support and assistance to enhance health system outcomes. Strong knowledge of the OSI model to understand issues from physical to application layer. Disaster recovery planning and testing for highly available infrastructure. Deep skills and experience in managing complex large-scale projects required. Serve as the focal point of contact for the information security team and ITS organization in continual alignment with the Chief Technology Officer and Chief Information Officer as required.

Minimum Job Qualifications

Educational Requirements: Bachelors Degree in Information Systems, Information Technology Management or related field required.

Minimum Experience: Minimum of ten (10) years of advanced IT Security experience with an emphasis in Cyber Security, Risk Management and Data Governance is required.

Job Specific and Unique Knowledge, Skills and Abilities

Accomplished team-oriented leader with demonstrated results in leading a high-performing team and mentoring and developing staff

Proven ability to take individual initiative and responsibility for assignments; high attention to detail; outstanding follow through; problem solver

Demonstrates ability to engage in and complete multiple concurrent assignments, on-time and within budget

Excellent verbal, written, analytical, problem solving and organizational skills. Customer-focused and service-oriented

Proven ability to maintain a positive attitude in a team environment

Proactive in bringing issues to the senior management team and other leaders, building consensus and delivering practical solutions

Demonstrated skills in critical thinking, negotiation, meeting facilitation and relationship building

Must be a skilled decision-maker who works efficiently in a high stress environment

Fiscally responsible, experienced in managing budgets

Demonstrates strong understanding of leading telecommunications technologies and methodologies implemented in 24x7 mission-critical environments

Essential Tasks and Responsibilities

Develops an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate

Provides regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program, thus supporting business outcomes

Minimum ten (10) years relevant IT and Cyber Security experience in key technical security and leadership roles. Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.

Facilitates an information security governance structure through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board as required.

Develops, socializes and coordinates approval and implementation of security policies. Manages operational and capital budgets for the information security function, monitoring and reporting on opportunities and discrepancies

Creates and manages a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations

Leads the strategic alignment for Third- Party Risk Management organization-wide to assess, educate, mitigate and reduce risk throughout the healthcare system.

Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.

Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.

Monitors the external threat environment for emerging threats and advises relevant stakeholders on the appropriate courses of action.

Manages and contains information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation.

Oversees technology dependencies outside of direct organizational control.