Job Summary
The Chief Information Security Officer (CISO) is responsible for defining, implementing, and overseeing the organization’s enterprise-wide information security vision, strategy, and program. This role ensures that information assets, systems, and technologies are adequately protected against current and emerging threats while meeting regulatory and compliance requirements.
The CISO will lead the information security function, work closely with senior leadership, and align security initiatives with business objectives. As a member of the senior management team, the CISO will contribute to broader organizational strategy beyond IT, ensuring effective risk management across the enterprise.
Key Roles and Responsibilities
- Develop, implement, and maintain a comprehensive information security strategy aligned with organizational objectives and healthcare IT security policies, standards, and regulatory requirements.
- Provide strategic leadership to the information security team, fostering a strong culture of security awareness among IT staff and end users.
- Conduct enterprise-wide risk assessments, identify security gaps, and manage security incidents, serving as the primary point of contact for all security-related matters.
- Establish, review, and continuously improve information security policies, standards, and procedures to safeguard organizational information assets.
- Collaborate closely with IT and business units to integrate security controls into all operational processes, projects, and systems, including conducting security and compliance reviews for new initiatives.
- Recommend, design, and implement compensating controls where deviations from established security policies are required.
- Monitor emerging cyber threats, vulnerabilities, and technologies, advising senior stakeholders on mitigation strategies and security posture improvements.
- Provide security advisory and consulting services to project teams, ensuring security-by-design principles are embedded across all initiatives.
- Actively participate as a member of the Senior Management and C-level leadership team, contributing to organization-wide strategic initiatives beyond the IT function.
- Engage with external partners, regulators, and vendors to ensure alignment with security standards and best practices.
Requirements / Qualifications
- Bachelor’s degree in Computer Science, Information Technology, or a related discipline.
- Professional certifications such as CISA, CISM, and/or CISSP are highly desirable.
- Minimum 8 years of experience in senior information security roles, including IT security infrastructure design and operations and/or security compliance and assurance.
- Proven hands‑on experience in cybersecurity architecture, governance, and systems integration.
- Strong knowledge of information security frameworks, risk management methodologies, and regulatory compliance requirements.
- Proficiency with security technologies, tools, and monitoring solutions.
- Demonstrated ability to engage effectively with senior stakeholders and translate technical risks into clear, actionable business recommendations.
- Strong collaboration skills with the ability to work across departments and with external partners.
Interested candidates who wish to apply for the advertised position should click on "Apply". We regret that only shortlisted candidates will be notified.