What are the responsibilities and job description for the Director, Cyber and Information Security - Operational Resiliency & Crisis Management position at Point32Health?

Director, Cyber and Information Security - Operational Resiliency & Crisis Management

Point32Health

Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

Job Summary

The focus area for this Director will be leading the organization's ability to effectively respond to and recover from events that result in interruption of Point32Health's business operations. In this role, the Director Cyber & Information Security will be focused on leading a team responsible for :

Developing and implementing a strategy and practices that will ensure that the organization is prepared for events that may result in extended interruption of technology systems, applications, or business operations.
Setting requirements and providing education to business and technology stakeholders about their roles in supporting the organization's business continuity, disaster recovery, and incident / crisis management disciplines.
Development, maintenance, and adoption of a single incident / crisis management framework across the organization - all hazard / threat types.
Ensuring that the organization's business continuity and disaster recovery procedures / playbooks remain up-to-date.
Leading tabletop and simulation exercises to help ensure preparedness and to proactively identify and address opportunities for improvement.
Anticipating the impact of core systems, applications, facilities, and vendor relationships being unavailable and implementing plans that will reduce the impact of those events.

The Director, Cyber & Information Security, will report into the Chief Information Security Officer (CISO) for Point32Health. The Director leads Cyber & Information Security managers and / or security leaders to oversee and help to ensure that core programs are effectively implemented. This role is integral in driving the organization’s Cyber & Information Security strategy and objectives. The Director, Cyber & Information Security is considered a leader within the IT Department and is expected to work collaboratively to identify, influence, and enhance areas of improvement across the organization.

Key Responsibilities / Duties – what you will be doing

Manage a team of managers / senior leaders responsible for overseeing the core pillars of Cyber & Information Security.

Develop and implement policies, standards, and guidelines that continuously increase the organization’s Cyber & Information Security program maturity.

Communicate potential security concerns / exposures with recommended improvements.

Lead communication and collaboration efforts with the business and IT to ensure quality solutions are delivered.

Evangelize the objective to embed security behaviors and principles into the Point32Health culture through active engagement, education, awareness, and partnership.

Develop operational excellence in anticipation and response to evolving threats and opportunities to improve cyber and information security.

Identify business risk and communicate risk to appropriate leadership.

Collaborate with stakeholders to define and implement technical and non-technical controls designed to meet cyber risk objectives and legal / regulatory obligations.

Maintain the risk repository to continually identify, prioritize, and mitigate cyber and information security related risk issues.

Participate in various forums and groups across Point32Health to understand the risk environment and to provide recommendations that effectively incorporate security objectives while balancing the business impact of recommendations provided.

Facilitate adoption of leading security practices to remain in compliance with regulations and to support our continuous monitoring and improvement goals.

Maintain up-to-date knowledge of the cyber and information security industry, including awareness of new or revised security capabilities, improved security processes, threat scenarios, trends, etc.

Identify / recommend tools, processes, software, and protocols to advance or replace current security practices, services, or technologies to meet strategic objectives.

Other duties and projects as assigned.

Qualifications – what you need to perform the job

EDUCATION, CERTIFICATION AND LICENSURE :

Bachelor’s degree in Cyber Security, Computer Science, Risk Management, or related field preferred or equivalent experience.

EXPERIENCE (minimum years required) :

10 years combined IT, cyber / information security, risk, audit, compliance, with increasing responsibility.

5 years in cybersecurity or field(s) related to the programs for which the role is responsible.

5 years in a leadership role, preferably with at least 2 of those years overseeing other managers.

Experience in leading or sponsoring implementation of technical security solutions within large organizations.

Experience developing and implementing process-based security controls, processes, and capabilities.

Experience in engaging with and managing vendors responsible for implementing processes and / or IT solutions.

Experience creating and maintaining security requirements, guidelines, and procedure documents.

Extensive knowledge and experience in security and compliance frameworks such as NIST, ISO, etc.

SKILL REQUIREMENTS :

Ability to lead a team, including managers, through mentoring, coaching, and motivating - providing an opportunity to learn and grow at Point32Health.

Requires the ability to identify risk within complex, interrelated programs; ability to assess dynamic situations objectively; and to make recommendations or decisions that best align with the corporate strategic objectives.

Ability to communicate effectively across multiple levels of the organization including managing through cross-business area or business unit prioritization discussions.

Strong relationship building skills; must be able to work collaboratively and cooperatively as a team member, fostering an atmosphere of trust and respect.

Ability to influence all levels of staff and senior management in the decision-making process.

Deep understanding of IT infrastructure, program portfolio management, application design, and secure software development lifecycle (SDLC) methodologies.

WORKING CONDITIONS AND ADDITIONAL REQUIREMENTS :

Must be able to work under normal office conditions and work from home as required.

Work may require simultaneous use of a telephone / headset and PC / keyboard and sitting for extended durations.

May be required to work additional hours beyond the standard work schedule.

DISCLAIMER

You can get further details about the nature of this opening, and what is expected from applicants, by reading the below.

The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of employees assigned to this position. Management retains the discretion to add to or change the duties of the position at any time.

Compensation & Total Rewards Overview

As part of our comprehensive total rewards program, colleagues are also eligible for variable pay. Eligibility for any bonus, commission, benefits, or any other form of compensation and benefits remains in the Company's sole discretion and may be modified at the Company’s sole discretion, consistent with the law.

Point32Health offers their colleagues a competitive and comprehensive total rewards package which currently includes :

Medical, dental and vision coverage

Retirement plans

Paid time off

Employer-paid life and disability insurance with additional buy-up coverage options

Tuition program

Well-being benefits

Full suite of benefits to support career development, individual & family health, and financial health

For more details on our total rewards programs, visit https : / / www.point32health.org / careers / benefits /

Commitment to Diversity, Equity, Inclusion, Accessibility (DEIA) and Health Equity

Point32Health is committed to making diversity, equity, inclusion, accessibility and health equity part of everything we do—from product design to the workforce driving that innovation. Our Diversity, Equity, Inclusion, Accessibility (DEIA) and Health Equity team's strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

J-18808-Ljbffr

Apply for this job

Receive alerts for other Director, Cyber and Information Security - Operational Resiliency & Crisis Management job openings

Director, Cyber and Information Security - Operational Resiliency & Crisis Management

What are the responsibilities and job description for the Director, Cyber and Information Security - Operational Resiliency & Crisis Management position at Point32Health?

What is the career path for a Director, Cyber and Information Security - Operational Resiliency & Crisis Management?

Job openings at Point32Health

Not the job you're looking for? Here are some other Director, Cyber and Information Security - Operational Resiliency & Crisis Management jobs in the Greendale, WI area that may be a better fit.

We don't have any other Director, Cyber and Information Security - Operational Resiliency & Crisis Management jobs in the Greendale, WI area right now.

AI Assistant is available now!