Director – Chief Information Security Officer (CISO)

Job not on LinkedIn

November 25

🦬 Montana – Remote

Although this job is listed in Montana, this company may be open to hiring remote in other states.

💵 $172k - $200k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Receive Emails with Similar Jobs

The Staff Pad

WebsiteLinkedInAll Job Openings

Recruitment • Healthcare • Information Technology

The Staff Pad is a subscription-based staffing agency that specializes in recruiting talent across a variety of industries, including healthcare, information technology, consulting, and more. They aim to help organizations grow by providing skilled professionals ranging from nurses and IT experts to executive leaders and construction managers, ensuring clients find the right talent to drive success. The company is dedicated to streamlining the recruitment process for businesses while also supporting candidates in finding new job opportunities in their respective fields.

11 - 50 employees

Founded 2020

🎯 Recruiter

📋 Description

• Develop and execute a long-term information security strategy aligned with organizational goals. • Build and maintain an enterprise security framework (NIST CSF, 405D, ISO 27001, HITRUST, etc.). • Advise executive leadership and the Board on security posture, threats, and mitigation plans. • Manage the information security budget and security technology investments. • Lead enterprise risk assessments and prioritize mitigation initiatives. • Ensure compliance with HIPAA/HITECH, GDPR, and other relevant data privacy regulations. • Oversee creation and enforcement of security policies, procedures, and standards. • Direct internal and external audit readiness and remediation (HITRUST, SOC 2, etc.). • Manage a robust vendor and third-party risk management program. • Lead security operations, including threat/vulnerability management, IAM, SIEM, and endpoint protection. • Oversee development and testing of Incident Response, Disaster Recovery, and Business Continuity plans. • Serve as executive incident manager during security events, breaches, and investigations. • Ensure security of EHR systems, medical devices, and clinical technologies. • Build and lead a strong GRC and SecOps team. • Drive organization-wide security awareness and training initiatives. • Partner with IT, Clinical Operations, Legal, HR, and other departments to embed security into systems and workflows.

🎯 Requirements

• Minimum 7 years of progressive experience in Information Security; senior leadership or CISO-level experience preferred. • Strong healthcare industry background, including understanding of EHR systems and PHI protection. • Proven expertise in enterprise cybersecurity architecture, IAM, cloud security, and threat detection tools. • Demonstrated experience conducting and managing enterprise risk assessments.