"Alerted.org

Job Description:

The Intermountain Cybersecurity Program is broken into four distinct functions: Governance Risk and Compliance, Cyber Solutions, Cyber Advisory and the Cyber Fusion Center. Cyber Caregivers within Intermountain will specialize in their specific area and function.

This Senior Director of Cybersecurity is responsible to assist and advise the CISO in the creation and maintenance of Company-wide information security strategies and ensuring operational delivery of Governance Risk and Compliance (GRC) programs within Cybersecurity. The Sr. Director will lead a team of Cybersecurity leaders, inclusive of the Director and Manager level.

The Sr. Director will report to the VP and Chief Information Security Officer. The Sr. Director will be responsible for leading the evaluating, planning, implementing, and executing on the GRC Cybersecurity function, which includes strategic planning, decision-making and the adoption of best practice standards that are in line with the global cybersecurity and business strategies. In addition, the Sr. Director will work with all other cybersecurity leaders to establish and maintain the overarching Cybersecurity strategy. The Sr. Director should be well practiced in risk management techniques and be capable of guiding the organization with risk-based recommendations. The Sr. Director is a visionary leader with a sound knowledge of Healthcare, business management and a strong knowledge of cybersecurity practices and technologies. The Sr. Director must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode. The Sr. Director will assist the CISO in all duties assigned by the CISO, CDIO or CCO.

The role is hybrid and will require travel to areas where Intermountain conducts business. Candidates who live in, or are willing to relocate to, Utah, Idaho, Nevada, Colorado, Wyoming, or Montana and are within a reasonable commuting distance to an Intermountain Health care site are preferred.​ Currently, we are not hiring remote workers in the following states: CA, CT, HI, IL, NY, RI, VT, and WA.

Essential Functions

+ Leads the development and implementation of strategic plans for the Cybersecurity functions and activities in their area of responsibility and executes that plan. Ensures that the plan is in line with global cybersecurity and Intermountain strategies.

+ Mentor and coach Directors, managers, supervisors and other team members and ensures that there is an adequate management succession plan in place. Builds a winning culture with a repeatable, process-based approach that recognizes the interdependence of all key stakeholders in the solutions delivery process.

+ Provides strategic budget oversight for a department/function they are responsible for and holds management team accountable for operating within the set operating and capital budget.

+ Develops and recommends for approval Cybersecurity specific policies and procedures.

+ Anticipates business needs and plays a collaborative role in proposing information security capabilities in support of business strategic roadmaps and creating a supporting information security strategy

+ Leads the development, implementation, and quality of cybersecurity services across the organization and ensures the services are consistently applied across all regions, markets, and functions of the organization

+ Leads, collaborates, facilitates and evangelizes the cybersecurity program to the whole organization, across all regions, markets, and functions.

+ Accountable to deliver results for area of responsibility. Regularly communicates with staff and manages projects and daily operations to ensure timely delivery within budget and according to requirements. This includes goal setting and implementation and problem/issue resolution.

+ Oversees the definition of cybersecurity standards and best practices (processes, tools, monitoring, etc.). Ensures that Directors, Managers and Supervisors ensure their teams are compliant with these standards and that the processes are repeatable.

+ Defines and measures quality and productivity associated with the services provided within the cybersecurity function.

+ Oversees the management of scope, risk, issues and budgets; resolves issues escalated from managers/supervisors and staff at any level. Also escalates issues when necessary.

+ Attracts, develops and maintains top talent to continually raise the bar on the capabilities and deliverables of the organization.

+ Coordinates project initiation, prioritization, and information technology resource allocation for staff within this function.

+ Develops and enhances an information security management framework based on industry accepted practices (e.g., ISO 27001, NIST, COBIT)

+ Understands and interacts with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.

Skills

+ Communication

+ Time management

+ Accountability

+ Reliability

+ Professionalism

+ Collaboration

+ Critical thinking

+ Problem solving

+ Leadership

+ Project Management and Prioritization

+ Budget Management

+ Experienced in cybersecurity technologies and information systems

Minimum Qualifications

+ Bachelor’s degree through an accredited institution, _or_ an advanced cybersecurity certification such as the CISSP, CISM, CISA or SANS 700+ Series

+ 7+ years of leading technology teams

+ 10+ years of proven technology experience with a focused responsibility in cybersecurity

+ Expert working experience with Security and Privacy regulations and the cybersecurity aspects of other regulations including HIPAA/HITECH, PCI DSS, SOX (MAR FRC), FRCP, JCAHO and JCAHO Alert 42, GLBA, State Breach, FERPA, and FCRA, etc.

+ Demonstrated cybersecurity background with program management, project management, and execution and delivery oversight, with attention to detail around metrics, accountability, and operational excellence

+ Excellent leadership and communication skills.

+ Excellent analysis, problem resolution, judgment and decision-making skills.

+ Excellent ability to effectively prioritize and execute tasks in a high-pressure environment.

+ Demonstrated effectiveness as a leader for staff management, development, and mentorship.

+ Excellent experience in a role requiring effective verbal, written and interpersonal

+ Results oriented

+ Self-motivated and directed.

+ Strong Customer service orientation.

+ Risk-based approach to implementing cybersecurity best practices and safeguards that support the mission of Intermountain Healthcare

Preferred Qualifications

+ Master’s degree through an accredited institution. A degree must be obtained through an accredited institution. Education is verified.

+ GRC expertise

+ ITIL certified

+ 13+ years of related experience in information systems, security technologies and systems.

+ Experience working in a healthcare or healthcare insurance environment.

+ Keen attention to detail.

+ Ability to manage geographically dispersed teams, including off-shore and on-shore

+ Project Management experience

+ Proven negotiation and influencing skills

+ Excellent written, verbal and presentation communication skills

Physical Requirements

+ Interact with others requiring the employee to communicate information.

+ Operate computers and other IT equipment requiring the ability to move fingers and hands.

+ See and read computer monitors and documents.

+ Remain sitting or standing for long periods of time to perform work on a computer, telephone, or other equipment.

Additional Information

This is an exempt, full-time position. Pay offers are determined by prior years of relevant experience within the established pay range. In addition to the annual salary, to show our commitment to you and assist with your transition,, we may offer a sign-on and relocation bonus when applicable. With this position, you are eligible to participate in the Annual Pay for Performance (AP4P) Plan. This plan enables Intermountain Health to provide leaders with an additional performance compensation opportunity. The AP4P award opportunities are calculated as a percentage of your base salary. Awards are paid out based on attainment of selected Board-approved goals.

Physical Requirements:

Qualifications

Minimum Qualifications

+ Bachelor’s degree through an accredited institution, _or_ an advanced cybersecurity certification such as the CISSP, CISM, CISA or SANS 700+ Series

+ 7+ years of leading technology teams

+ 10+ years of proven technology experience with a focused responsibility in cybersecurity

+ Expert working experience with Security and Privacy regulations and the cybersecurity aspects of other regulations including HIPAA/HITECH, PCI DSS, SOX (MAR FRC), FRCP, JCAHO and JCAHO Alert 42, GLBA, State Breach, FERPA, and FCRA, etc.

+ Demonstrated cybersecurity background with program management, project management, and execution and delivery oversight, with attention to detail around metrics, accountability, and operational excellence

+ Excellent leadership and communication skills.

+ Excellent analysis, problem resolution, judgment and decision-making skills.

+ Excellent ability to effectively prioritize and execute tasks in a high-pressure environment.

+ Demonstrated effectiveness as a leader for staff management, development, and mentorship.

+ Excellent experience in a role requiring effective verbal, written and interpersonal

+ Results oriented

+ Self-motivated and directed.

+ Strong Customer service orientation.

+ Risk-based approach to implementing cybersecurity best practices and safeguards that support the mission of Intermountain Healthcare

Preferred Qualifications

+ Master’s degree through an accredited institution. A degree must be obtained through an accredited institution. Education is verified.

+ ITIL certified

+ 13+ years of related experience in information systems, security technologies and systems.

+ Experience working in a healthcare or healthcare insurance environment.

+ Keen attention to detail.

+ Ability to manage geographically dispersed teams, including off-shore and on-shore

+ Project Management experience

+ Proven negotiation and influencing skills

+ Excellent written, verbal and presentation communication skills

Physical Requirements

+ Interact with others requiring the employee to communicate information.

+ Operate computers and other IT equipment requiring the ability to move fingers and hands.

+ See and read computer monitors and documents.

+ Remain sitting or standing for long periods of time to perform work on a computer, telephone, or other equipment.

Location:

Lake Park Building

Work City:

West Valley City

Work State:

Utah

Scheduled Weekly Hours:

40

The hourly range for this position is listed below. Actual hourly rate dependent upon experience.

$77.50 - $119.68

We care about your well-being – mind, body, and spirit – which is why we provide our caregivers a generous benefits package that covers a wide range of programs to foster a sustainable culture of wellness that encompasses living healthy, happy, secure, connected, and engaged.

Learn more about our comprehensive benefits package here (https://intermountainhealthcare.org/careers/benefits) .

Intermountain Health is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

At Intermountain Health, we use the artificial intelligence ("AI") platform, HiredScore to improve your job application experience. HiredScore helps match your skills and experiences to the best jobs for you. While HiredScore assists in reviewing applications, all final decisions are made by Intermountain personnel to ensure fairness. We protect your privacy and follow strict data protection rules. Your information is safe and used only for recruitment. Thank you for considering a career with us and experiencing our AI-enhanced recruitment process.

All positions subject to close without notice.