VP CHIEF INFORMATION SECURITY OFFICER (CISO)

This position reports directly to the Chief Information Officer and has a dotted-line reporting relationship to the Executive Vice President, Chief Compliance and Risk Officer (CCRO), to manage potential conflicts between the interests of the CCISO and CIO. The role involves regular reporting to Harris Health's Chief Executive Officer and Board of Trustees on Information Security matters, including training and breaches. This executive-level position focuses on developing and enforcing policies and strategies to protect against cyber threats and ensure compliance with healthcare regulations such as HIPAA / HITECH. The CISO oversees the planning and execution of enterprise security systems, managing analysts, engineers, and architects, and acts as a business enabler by integrating security into business decisions while maintaining flexibility and adaptability. The CISO must possess a strong technical background, understanding threats, risk mitigation, and technical controls, leading a team through corporate obligations and defenses. The role includes accountability for daily operations and strategic execution, reporting to the CIO or CEO/COO depending on the organization.

1. Degree : Bachelor's and Master's degrees in Computer Science, Information Security, or related fields.
2. License & Certifications : CISSP highly preferred; CISM or CCISO required.
3. Work Experience : 15 years in Cyber/Information Security, designing and implementing security solutions.
4. Management Experience : 10 years in progressive management roles related to HIPAA Security Regulation, Cyber/Information Privacy, and Security laws such as FISMA, PCI-DSS, GLBA, FIPS, NIST-CSF, and data breach reporting laws. Healthcare or Federal government cybersecurity experience is a plus.

• Communication Skills: Above average verbal, writing, and report writing skills.
• Knowledge / Skills / Abilities: Executive presence, disaster recovery planning, backup strategies, cybersecurity, ownership and accountability, planning and organization, critical thinking.

Residency in TX required. The role is hybrid, requiring frequent onsite presence.

• Expert knowledge of Cyber/Information Security technologies and infrastructure.
• Strong understanding of security design and best practices related to organizational technology and business integration.