PeaceHealth is seeking a System VP Info Security Integrity for a 1.0 full time equivalent Exempt position.
Req ID: 166295
Serving as System Vice President , Information Security and Integrity, takes responsible for designing, overseeing, implementing, and leading a system-wide, comprehensive information security program designed to effectively protect all PeaceHealth information security assets. Serves as a colleague and advisor to senior and system level executives and works closely with key system and operational leaders.
Leads the continual development of a world-class information security program that meets best-in-class standards and tools, and HIPAA and all other applicable information security regulations. Advises senior leadership on all recommended information security protocols, tools, and resources needs. Oversees the development of an effective program for responding to and neutralizing all sources of threats to the security and integrity of PeaceHealth's information. Leverages collaborations and enterprise-wide resources, facilitates information security governance, and advises senior leadership on security direction and resource investments. Partners with TSP to ensure technical controls and processes adequately protect PeaceHealth's assets. Continuously monitors the enterprise for risks that compromise information security and compliance. Maintains expertise related to information security risks on a global and local level.
1. Provides overall leadership and direction in the design, implementation, and oversight of a system-wide, comprehensive information security program. Establishes, maintains, and leads the development and adoption of Information security standards, best practices and measures in collaboration with Technology Solutions Partners (TSP) and other key leaders across PeaceHealth.
2. Establishes and implements enterprise security framework for people, process, and technology to ensure proper protection of all PeaceHealth digital assets. Leads enforcement of security program to ensure compliance with security standards.
3. Chairs the Information Security Governance Committee to ensure senior executive level engagement, support and decision making regarding key cybersecurity issues.
4. Provides leadership, vision and management for assigned staff. Analyzes resource requirements of the department, hiring, coaching and developing staff. Prepares and manages the department budget, tracking expenditures, with budget authority as delegated for assigned areas.
5. Facilitates cyber risk management program to ensure capabilities of security program and controls are commensurate with risk to PeaceHealth mission and business objectives. Provides leadership, direction and guidance in assessing and evaluating information security risks and monitors compliance with security standards and appropriate policies.
6. Prepares presentations for senior leadership and the board to communicate the status of PeaceHealth's information security program, regular dashboard metrics for monitoring the success of the program, an analysis of cyber risks, and evaluation of opportunities for program enhancement. Oversees the development of a comprehensive program description and regular annual work plans.
7. Leverages available threat intelligence and information sharing program to ensure timely identification, assessment, protections and response to burgeoning threats.
8. Oversees the organizational Disaster Preparedness program. Ensures solutions, capabilities and costs are aligned with business objectives.
9. Oversees the enterprise Cyber Incident Response program ensuring incidents are responded to in a coordinated, timely and effective fashion to reduce impact of such events. Engages stakeholders, partners, vendors, law enforcement and others as necessary to design and execute program.
10. Oversees security awareness program to ensure proper engagement of all caregivers. Produces, executes and publishes an annual plan and metrics.
11. Performs security risk assessments on systems throughout lifecycle. Scope of assessments to include supply chain, partners and vendors as appropriate. Conducts internal security and confidential information investigations and information usage security audits.
12. Establishes annual and long-range security and compliance goals; defines security strategies, metrics, reporting mechanisms and program services; and creates maturity models and a roadmap for continual program improvements.
13. Partners with vendors and partners to ensure all PeaceHealth informational assets, regardless of location or management obligations, are protected in adherence with corporate policy.
14. Performs other duties as assigned.
QUALIFICATIONS Required unless otherwise stated
Bachelor's Degree in Computer Science, Information Systems or relevant field required.
A Master's degree in computer science or related field is preferred.
Minimum of ten (10) years of experience managing information system access, security and risk assessment.
Information security experience in a healthcare setting required.
Experience in the use of on-line/real-time mid-range, server, or personal computers; and the applications, tools and equipment associated with their installation, modification and support.
Knowledge and experience of Health Level 7 (HL7), ANSO, other healthcare system standards, HIPAA, JCAHO or other healthcare regulatory compliance standards and clinical applications/technology is preferred.
Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.
Excellent written, oral and presentation communication skills.
Outstanding interpersonal and conflict resolution skills.
Strong analytical and problem-solving skills.
Collaborative leader with a demonstrated track record of working with all levels of management and across various functional organizations.
Ability to manage complex matters and deal with highly sensitive issues and maintain confidentiality.
Able to work independently and consultatively.
Ability to exercise strong judgment in analyzing, appraising, evaluating and solving problems of a difficult procedural, organizational, administrative or technical nature.
Please apply online to be considered. For full consideration of your skills and abilities, please attach a current resume with your application.
PeaceHealth, based in Vancouver, Wash., is a not-for-profit Catholic health system offering care to communities in Washington, Oregon, and Alaska. PeaceHealth has approximately 16,000 caregivers, a multi-specialty medical group practice with more than 900 providers and 10 medical centers serving both urban and rural communities throughout the Northwest. In 1890, the Sisters of St. Joseph of Peace founded what has become PeaceHealth. Today, PeaceHealth is the legacy of its founding Sisters and continues with a spirit of respect, stewardship, collaboration and social justice in fulfilling its Mission.
We offer competitive compensation, a robust benefits package and a collaborative, Mission-driven work environment! To learn more about working at PeaceHealth and the Vancouver community please visit our homepage: www.peacehealth.org/careers .
Location: Vancouver , Shared Services Center (802) Job Category: Leadership FTE: 1.0 Work Type: Full Time
PeaceHealth is committed to providing equal employment opportunities to all qualified job applicants and employees without regard to the following statuses: protected veteran; qualified individual with a disability; race; ethnicity; religion; gender; pregnancy; gender identity; national origin; age; genetic information; sexual orientation; or any other protected status in accordance with local, state, or federal laws.
The above information is intended to indicate the general nature and level of work performed by this position. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of caregivers assigned to this job.
Posting Notes: Vancouver || Leadership || Executive Leadership || Full Time || ORG INTEGRITY
Internal Number: 166295
PeaceHealth Physicians are as diverse as the communities they serve, but have the following in common:Dedication to carrying on the healing mission of Jesus Christ by promoting personal and community health, relieving pain and suffering and treating each person in a loving and caring way.A shared vision of every patient receiving exceptional, compassionate evidence-based care, every time, every touch.