"Alerted.org

80046BRJob Posting Title:VP & Chief Information Security OfficerDepartment:Information Services - SecurityAutoReqId:80046BRStatus:Full-TimeStandard Hours per Week:40 Job Posting Category:Information TechnologyJob Posting Description:The VP & Chief Information Security Officer (CISO) reports to the SVP & Chief Information Officer and is a key member of the IT leadership team. The VP & CISO is responsible for developing, implementing, and maintaining a comprehensive cybersecurity strategy that protects the hospital’s information assets, systems, and infrastructure. This includes establishing a multi-year roadmap, overseeing information security architecture, and ensuring regulatory compliance across the organization.

The VP & CISO serves as a strategic advisor to executive leadership, the Audit Committee, and the Board of Trustees, effectively communicating risks and advocating for best practices in information security. This role will lead a dedicated security team and partner closely with cross-functional teams within a federated IT environment. This will include direct oversight of cybersecurity operations, incident response, governance, third-party risk management, and information security awareness programs.

This is a strategic leadership role for a highly collaborative, service-driven, and visionary security professional. The ideal candidate will be an innovative thinker who balances risk with operational needs and who is passionate about protecting sensitive data in a mission-driven environment.

This VP & CISO will:

+ Contribute to departmental goals, ensuring adherence to policies, procedures, quality, safety, and regulatory compliance.

+ Build credibility with senior leadership, clinicians, and staff by providing informed leadership and participating in IT Governance and prioritization.

+ Partner with CIO, CTO, and VP of Applications to define IT strategy aligned with the organizational and IT strategic plans.

+ Evaluate IT changes for security risks; advises leadership on balancing security with usability to support BCH’s mission.

+ Lead development and enforcement of enterprise information security policies, procedures, and programs.

+ Define and drives a long-term security strategy and program to safeguard BCH’s information assets.

+ Manage vendor relationships, resolves issues, and oversees vendor/third-party risk management processes.

+ Lead security-related due diligence and integration for M&A activities.

+ Collaborate across disciplines to ensure cybersecurity policies and standards are applied consistently.

+ Support business technology planning with current insights and future-state vision.

+ Ensure processes are in place for budgeting and lifecycle planning of strategic and tactical initiatives.

Qualifications:

+ BA degree in a STEM discipline required; MA degree preferred.

+ CISSP, CISM, or CISA certification required; CSM/CSPO preferred.

+ 10+ years of IT or business leadership, with at least 5 years in a cybersecurity leadership role.

+ Experience in academic and healthcare industries preferred.

+ Extensive experience in security, regulatory compliance, and external audits.

+ Strong management, analytical, and communication skills; effective with clients and senior leadership.

+ Ability to evangelize IT security as essential to business operations; build trust and respect for security function.

+ Innovative leader skilled at motivating cross-functional, interdisciplinary teams.

+ In-depth knowledge of business risk, risk assessment, and risk-based decision-making.

+ Expertise in frameworks and standards: ISO 27001/27002, NIST, SANS-CAG, COBIT, COSO, ITIL, etc.

+ Well-versed in legal/regulatory requirements (PCI, HIPAA, FERPA, HI-TRUST, NIST).

+ Strong understanding of security impacts of cloud, SaaS, and IoT architectures.

+ Broad technical knowledge: OSI model, infrastructure, app dev, networks, enterprise architecture, etc.

+ Hands-on experience with security technologies: firewalls, IDS, encryption, IAM, MFA, anti-malware, etc.

+ Natural influencer and coalition builder; passionate about building high-performing teams.

Boston Children’s Hospital offers competitive compensation and unmatched benefits

Office/Site Location:BostonRegular, Temporary, Per Diem:Regular Remote Eligibility :Part Remote/Hybrid