VP, Information Security (CISO)

Blue Shield Of California
Oakland, CA Full Time
POSTED ON 2/19/2025
AVAILABLE BEFORE 5/16/2025

Job Description

Your Role

We are seeking a highly experienced and visionary Chief Information Security Officer (CISO) to lead our information security program. The CISO will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.

This position reports directly to the Chief Information Officer. This position reports on a regular and as-needed basis to Stellarus Chief Executive Officer and Board of Trustees regarding relevant Information Security matters to include Information security training and breaches for the organization. This executive-level position encompasses the development and enforcement of policies and strategies to protect against ever-evolving cyber threats, ensuring compliance with strict healthcare regulations such as HIPAA / HITECH. The CISO directs the overall planning and execution of enterprise security systems, using operational and tactical expertise to direct security management reports, who oversee analysts, engineers and architects. As a business enabler, the CISO ensures business decisions are not hampered by security but adhere to corporate security policies and are implemented with security in mind. The CISO champions a flexible, highly adaptable and secure operating business environment.

The CISO must have a strong technical background and fully understand threats, risk mitigation and technical controls to lead a team of security professionals through corporate obligations and defenses. The CISO assumes accountability for the daily tactical operations and overall strategic execution of the team under his or her leadership.

Responsibilities

In this role, you will:

  • Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.
  • Work directly with the business units to facilitate risk assessment and risk management processes.
  • Develop and enhance an information security management framework.
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
  • Provide leadership to the enterprise's information security organization.
  • Partner with business stakeholders across the company to raise awareness of risk management concerns.
  • Serve as the primary point of contact for clients on all information security matters, addressing their concerns, answering questions, and offering security solutions.
  • Build and maintain long-term relationships with key client stakeholders, including C-level executives, to ensure satisfaction and trust in our security practices.
  • Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.

Additional Responsibilities

  • Monitor for and ensure timely and proper response to cyber threats
  • Monitor program governance related to the identification and timely remediation of vulnerabilities and misconfigurations
  • Monitor information security program effectiveness
  • Develop and enforce security policies and ensure compliance with HIPAA, HITRUST, and required regulations
  • Collaborate with business units to improve security awareness
Qualifications

  • Bachelor's degree in Computer Science, Information Systems, or a related field (preferred).
  • Minimum of 15 years of experience including 8 years of experience in a combination of risk management, information security, and IT positions.
  • Knowledge of common information security management frameworks, such as ISO / IEC 27001, COBIT, and NIST.
  • Experience with contract and vendor negotiations and management, including managed services.
  • Experience in managing and leading security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company's reputation.
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other similar credentials, is required.
  • Strong leadership skills and the ability to work effectively with business managers, IT engineering, and IT operations staff.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
  • Strategic thinking and a strong understanding of the healthcare payer market and its regulatory environment.
Management Experience:

    Ten (10) years progressive management experience in areas of expertise: HIPAA Security Regulation; and practical experience working with Cyber / Information Privacy and Security laws (such as FISMA, PCI-DSS, GLBA, FIPS, NIST-CSF and data breach reporting laws), generally accepted Cyber / Information Security principles, and accepted industry practice. Healthcare and / or Federal government cybersecurity experience is a plus.

    Special Requirements :

    Communication Skills : Above Average Verbal (Heavy Public Contact), Writing / Correspondence, Writing / Reports

    Other Requirements :

  • Expert technical knowledge of Cyber / Information Security, infrastructure, network, server, workstation, and security related technologies both software and hardware.
  • Expert working knowledge of best practice security design associated with the above technology. Strong demonstrated knowledge of technologies including network, server, desktop, storage, medical security and how Cyber / Information Security relates to the overall business of the organization.
Pay Range

    The pay range for this role is : $370K to $430K for California.

    Note

    Please note that this range represents the pay range for this and many other positions at Blue Shield that fall into this pay grade. Blue Shield salaries are based on a variety of factors, including the candidate's experience, location (California, Bay area, or outside California), and current employee salaries for similar roles.

    Blue Shield of California is part of the Ascendiun Family of Companies. Ascendiun is a new, nonprofit corporate entity that launched in January 2025, as the parent to the family of organizations that includes Blue Shield of California and its subsidiary, Blue Shield of California Promise Health Plan; Altais, a clinical services firm; and Stellarus, a company designed to scale healthcare solutions.

    Stellarus is a leading technology company that specializes in providing innovative technical products and services for healthcare payers. Stellarus' goal is to help health plans reimagine the healthcare system. Our objective is to offer innovative, modern, scalable solutions that challenge the health care status quo.

    About the Team

    Blue Shield of California's mission is to ensure all Californians have access to high-quality health care at a sustainably affordable price. We are transforming health care in a way that genuinely serves our nonprofit mission by lowering costs, improving quality, and enhancing the member and physician experience.

    To fulfill our mission, we must ensure a diverse, equitable, and inclusive environment where all employees can be their authentic selves and fully contribute to meet the needs of the multifaceted communities we serve. Our continued commitment to diversity, equity, and inclusion upholds our values and advances our goal of creating a healthcare system that is worthy of our family and friends while addressing health disparities, promoting social justice, and integrating health equity through our products, business practices, and presence as a corporate citizen.

    Blue Shield has received awards and recognition for being a certified Fortune 100 Best Companies to Work, Military Friendly Employer, People Companies that Care, a Leading Disability Employer, and one of California's top companies in volunteering and giving. Here at Blue Shield, we strive to make a positive change across our industry and communities - join us!

    Our Values :

  • Honest. We hold ourselves to the highest ethical and integrity standards. We build trust by doing what we say we're going to do and by acknowledging and correcting where we fall short.
  • Human. We strive to be our authentic selves, listening and communicating effectively, and showing empathy towards others by walking in their shoes.
  • Courageous. We stand up for what we believe in and are committed to the hard work necessary to achieve our ambitious goals.

Our Workplace Model:

    At Blue Shield of California, we believe in fostering a workplace environment that balances purposeful in-person collaboration with flexibility. As we continue to evolve our workplace model, our focus remains on creating spaces where our people can connect with purpose - whether working in the office or through a hybrid approach - by providing clear expectations while respecting the diverse needs of our workforce.

    Two Ways of Working :

  • Hybrid (Default): Work from a business unit-approved office at least two (2) times per month (for roles below Director-level) or once per week (for Director-level roles and above). Exceptions:
      • Member-facing and approved out-of-state roles remain remote.
      • Employees living more than 50 miles from their assigned offices are expected to work with their managers on a plan for periodic office visits.
      • For employees with medical conditions that may impact their ability to work in-office, we are committed to engaging in an interactive process and providing reasonable accommodations to ensure their work environment is conducive to their success and well-being.
  • On-Site : Work from a business unit-approved office an average of four (4) or more days a week.
Physical Requirements:

    Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office / deskwork - Activity level : Sedentary, frequency most of work day.

    Equal Employment Opportunity :

    External hires must pass a background check / drug screen. Qualified applicants with arrest records and / or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.

    Salary : $370,000 - $430,000
