Manager - Information Security
Stamford Health · Stamford, CT · Yesterday
Information TechnologyFull-time
Responsibilities
- Reporting to the SVP & CIO of Stamford Health, the Chief Information Security Officer (CISO) designs, implements, operates, and optimizes all security strategies for Stamford Health.
- In this enterprise role, the CISO collaborates with all levels of the organization, including the Executive Team, to ensure technology and operations come together to achieve the performance goals of the organization while maintaining the appropriate security/risk mitigation strategies.
- Provide strategic vision and leadership for the development, advancement, and support of Stamford Health’s cybersecurity program leveraging the NIST Framework.
- Measure and report on all cybersecurity activity to ensure visibility into effectiveness and overall impact on business operations and communicate risk to executive leadership.
- Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for information security administration, adoption and use of technology and infrastructure including Artificial Intelligence (AI).
- Implement and promote awareness with ongoing training and remediation to ensure a culture of strong information security including yearly table top exercises.
- Collaborate with our Business Continuity team on enterprise-wide disaster recovery and business continuity plans, procedures, audits, enhancements, and recurring testing; including emergency preparedness.
- Work with Stamford Health leadership, the Corporate Compliance and Privacy Officer to establish and maintain a culture of compliance and cyber security policies.
- Oversee the planning and implementation of enterprise IT systems, business operations, and facility defenses against security breaches and vulnerability issues.
- Develop, monitor, and control a budget in line with the organization’s objectives including review of contracts to ensure compliance with our environment.
- Performance management and leadership for team.
Qualifications
- Bachelor’s degree in Computer Science, Information Systems, Information Security
- Minimum 3 years of healthcare experience
- Minimum of ten years of relevant experience in Cybersecurity Operations & Engineering with at least five years’ experience leading cybersecurity teams
- Professional certifications in Information Security, Risk Management and/or Compliance (such as CISM, CISA, CRISC, CISSP etc.)
- Proficient in Secure DNS, Secure email gateways, Fortinet firewall/NAC/VPN, threat and vulnerability management, endpoint security, digital certification management, Microsoft CAS/Authenticator
- Expert knowledge with general security best practices, protocols, etc.