Reporting to the Chief Information Officer, the Vice President (VP) and Chief Information Security Officer (CISO) is a business/technology executive who will be responsible for providing enterprise-wide leadership to establish and maintain a comprehensive Information Security and Data Privacy program ensuring compliance and managing organizational risks. This includes policy creation, education, training, security incident response, risk assessment, contract review, incident prevention, detection and forensics. This leader will provide strategic as well as pragmatic thought leadership at the SSM Health executive level regarding security, technology and products and create strong partnerships across business units and functional groups to deliver competitive advantage and provide organizational leadership across SSM Health for IT security and related organizational initiatives across the company. As the key executive leading SSM Health security planning, implementation and overall operations, the CISO is critical to enabling SSM Health to deliver its strategy all the while protecting the security and integrity of customer data and SSM Health's overall brand in the marketplace.
Reports to: SVP & CIO
Supervises: Leads a team of 30 FTEs, including two directors; will have dotted-line accountability for the information security team at Dean Health Plan and Navitus.
Interrelationships: Customer relationships
CIO, CFO, CCO and CLO, President of DHP and Navitus
PRIMARY RESPONSIBILITIES AND DUTIES:
Imparts the philosophy, values, mission and vision of SSM Health and facilitates the integration of values in CQI activities.
Understands and exemplifies the philosophy and values of the Franciscan Sisters of Mary and SSM Health. Demonstrates and imparts the mission, philosophy, values and vision of SSM Health in daily activities.
Adheres to the SSM Health Standards of Ethical Conduct, displaying ethical behavior in the areas of business ethics, legal compliance, confidentiality, conflicts of interest, vendor relationships and the reporting of questionable activities.
Develop an enterprise-wide security governance model for the SSM Health delivery system, Dean Health Plan and Navitus.
Develop and execute an enterprise-wide security strategy and roadmap that mitigates risk through the right balance of security measures and operational flexibility.
Standards and Guidelines - Establish policies, procedures, standards and guidelines that enable SSM Health's security strategy.
Threat Assessment and Scenario Planning - Identify security vulnerabilities and risks associated with PHS's operations, including partnering with business units to build threat assessment into the product design and development processes.
Advanced Detection and Containment - Build an industry leading detection and containment capability that will identify and mitigate sophisticated cyber-attacks against PHS.
Day-to-Day Security Operations - Ensure operational procedures enforcing security are effective and optimal, including assessing and testing for vulnerabilities.
Incident Response - Respond to and resolve security exposures and incidents.
Security Engineering - Work directly with the business units and IT Development Operations group to ensure that the right security capabilities are built into offerings, enterprise processes and tools through reusable technology (services oriented architecture). Oversee the evaluation, selection and implementation of information security tools.
Integrity of Critical Business Operations - Participate in the formation and execution of business continuity planning, and drive disaster recovery planning and execution across multiple business and geographic sites.
Security Compliance and Audits - Manage internal and external assessments of security, disaster recovery and compliance (certification and accreditation).
Education and Training - Provide security awareness training, information and education to employees, partners and customers.
Cloud Security - Develop and operate optimal security processes, tools and consulting services for hosting secure applications in the cloud.
Third Party Management - Participate in the development, implementation and ongoing compliance monitoring of information privacy requirements and responsibilities in vendor contracts and agreements.
Security Metrics and Reporting - Develop and maintain a program that informs business unit and functional group leadership of the top security risks and overall security health of their organizations.
Sales and Customer interaction - including pre-Sales support, customer contract review, RFP response, and customer audit facilitation.
KNOWLEDGE, SKILLS AND ABILITIES:
At SSM Health, we are driven by a singular Mission: Through our exceptional health care services, we reveal the healing presence of God. It's a higher calling that binds us. Here, we work together, system and providers alike, to heal the body, mind and spirit of our patients. We are united by a shared commitment to serve through faith, humanity, compassionate care and exceptional medicine.
At SSM Health, diversity, inclusion and equality are integral parts of who we are and a reflection of our Mission and values. We believe that workplace diversity is essential to our success. We seek to foster awareness and appreciation of diversity among our patients, employees, physicians, providers, customers and communities.
We are proud to be an Equal Opportunity and Affirmative Action Employer. Qualified applicants are considered for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or any other characteristic protected by law.
Missouri - Eastern
From the famed Gateway Arch in St. Louis to Kansas City, Missouri is one of the most livable states in the country. The metropolitan area features a large variety of neighborhoods and communities. With an affordable housing market, trendy neighborhoods, and a booming economic landscape, this is one of the most attractive areas for professionals. Smaller cities like Jefferson City, our capital, and Columbia, home of the University of Missouri, offer vibrant communities buzzing with activity, yet free of the hustle and bustle of larger metropolitan areas.