Network Security Engineer maintaining network stability and security at Clearwater Paper. Responsible for operational support, troubleshooting, and security administration across enterprise networks.
About the role
- Chief Information Security Officer at Sutter Health overseeing enterprise cybersecurity and patient data protection. Leading strategic initiatives and compliance within a complex healthcare environment.
Responsibilities
- Develop and implement a multi-year information security strategy that aligns with organizational priorities, digital transformation goals, and regulatory requirements.
- Advise the CEO, CDO, COO, and Board of Directors on emerging cyber threats, risks to patient care, and mitigation strategies.
- Lead enterprise participation in healthcare security coalitions, information sharing groups (e.g., H-ISAC), and public–private partnerships.
- Establish and maintain a security governance program based on healthcare-aligned frameworks (NIST CSF 2.0, HITRUST CSF, HICP, HIPAA/HITECH).
- Drive enterprise risk assessments and develop mitigation plans for cybersecurity, privacy, and clinical safety risks.
- Ensure compliance with HIPAA, HITECH, CMS, FDA (for medical device security), and state privacy regulations.
- Oversee security audits, penetration tests, and third-party/vendor risk assessments, ensuring remediation of findings.
- Protect the Electronic Health Record (EHR), patient-facing portals, and digital health platforms against compromise, downtime, or data loss.
- Partner with Clinical Engineering and Biomedical teams to secure medical devices and Internet of Medical Things (IoMT).
- Lead preparedness for ransomware, phishing, insider threats, and advanced persistent threats with an emphasis on minimizing patient safety impact.
- Oversee disaster recovery and business continuity planning in alignment with emergency preparedness and patient safety frameworks.
- Partner with Digital, Compliance, Privacy, Clinical, and Operational leaders to embed security into new initiatives, system design, and patient engagement platforms.
- Build and lead organization-wide security awareness and phishing-resistance training tailored to caregivers, clinicians, and administrative staff.
- Serve as the public face of information security during regulatory reviews, patient safety investigations, and stakeholder engagements.
- Recruit, develop, and lead a high-performing healthcare cybersecurity team across areas such as threat intelligence, incident response, IAM, and risk management.
- Promote a culture of accountability, clinical safety, and innovation in cybersecurity practices.
- Provide coaching and mentoring for next-generation security leaders.
Requirements
- Bachelor’s degree in Information Technology, Cybersecurity, Healthcare Administration, or related field required; Master’s degree preferred.
- 10+ years of progressive leadership in information security and risk management, with 5+ years in healthcare or another highly regulated industry.
- Demonstrated success implementing enterprise cybersecurity programs in a multi-hospital health system, payer, or large healthcare delivery network.
- Deep knowledge of HIPAA, HITECH, CMS, OCR enforcement, FDA guidance for medical devices, and healthcare-specific risk management frameworks.
- Expertise in EHR security (Epic preferred), identity and access management, cloud security, and medical device security.
- Strong business and clinical acumen; ability to align security with patient care priorities.
- Exceptional communication skills with the ability to present to clinical leaders, executives, and boards.
- Relevant certifications strongly preferred: CISSP, HCISPP, CISM, CISA, or CHPS.
Benefits
- Yes
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Analista de Application Security Pleno ensuring code integrity and security at Evertec, a tech company for the financial sector in Brazil. Responsible for security scanning, remediation support, and CI/CD integration.
Senior Application Security Analyst ensuring code integrity and security at Evertec, leading security strategies and initiatives in software development.
Senior Principal Security Engineer at Workday acting as technical contact for Enterprise Security. Bridging cybersecurity strategy with hands - on execution to tackle complex security challenges.
Leitung des Sachgebiets Infrastruktur und Sicherheit mit Verantwortung für den Betrieb der technischen Basisdienste. Enger Austausch mit Amtsleitung und Fachbereichen zur IT - Strategie der Stadt Elmshorn.
As a Producer, support the Senior Producer in delivering AAA projects for Behaviour Interactive, a gaming industry leader. Collaborate with the leadership team to ensure high - quality product alignment.
Business Information Security Officer responsible for ensuring cybersecurity compliance in Europe for Boeing. Leading regional security initiatives and managing relationships with stakeholders across the continent.
IT Cybersecurity Specialist handling technical support in information security for MODEC's operations. Ensuring strategic and compliance alignment with global cybersecurity standards.
Product Security Engineer ensuring security in cloud - native product development at Trainline. Collaborating with cross - functional teams to improve security practices and safeguard digital channels.
Information Security Engineer supporting day - to - day information security operations. Working with cross - functional partners to ensure security compliance and risk management.