Chief Information Security Officer (NE)
Nebraska Methodist Health System
Omaha, NE | Map It
A leading regional integrated health care delivery system, Nebraska Methodist Health System provides quality health care and preventive services to residents throughout the Midwest.
Founded in 1982 as the first health care system formed in the region, Nebraska Methodist Health System’s mission is simple: “NMHS is committed to caring for people.” The health system strives to ensure that its programs and services, and those of its affiliate corporations, are of superior value and readily available to all residents of the regions it serves.
The health system includes three hospitals (Methodist Hospital, Methodist Women’s Hospital and Methodist Jennie Edmundson Hospital), 21 health clinic locations, as well as a nursing and allied health college.
- Responsible for the development and implementation of an enterprise-wide information security program.
- Responsible for planning, managing, coordinating programs, and implementing strategic initiatives to preserve the confidentiality, integrity, and availability of the organization’s information resources.
- This role interfaces with senior leadership, front-line team members, executes corporate development strategy, and drives change initiatives across the system to optimize organizational potential.
- Works with executive management to govern policies and procedures for information security in a matter that meets the needs of the organization’s patients, medical staff, management and employees, and establishes customer confidence in the system’s information security program.
- Bachelor’s Degree in Computer Science, Business Information Systems, Information Technology, Information Security, or a related field is required.
- Master’s Degree is preferred.
- Minimum of 5-7 years senior leadership experience is required in a combination of information security, risk management and IT roles.
- Demonstrated experience dealing with the security challenges and issues confronting a large, geographically distributed, departmentally diverse, healthcare organization(s).
- A CISSP, C-C ISO, or CISM certification is required.
- Other security certification/accreditation is highly desirable.
- Strong demonstrated transformational and complex, matrixed leadership skills (inspiring, problem solving communication across multiple organizations, executing) to champion achieving the vision of the organization.
- Skill in managing multiple complex projects involving multiple customers, interests and goals.
- Skill and technical expertise demonstrated in superior planning, decision-making, negotiation, leadership, and financial management skills/knowledge. Ability to focus on adding value to the bottom line of the business, in order to foster a preeminent healthcare environment.
- Ability to formulate the cost benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives. Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.
- Strong communication and relationship-building skills with all levels of employees, management, and community leaders.
- Ability to recruit, develop, and mentor a top-notch team capable of supporting future growth.
- Demonstrated leadership in promoting diversity and inclusion in the workplace and community.
- Skill in designing organizational structures to achieve business and operational results.
- Knowledge of applicable Federal, State, and Local regulatory agency guidelines and laws.
- Knowledge of security and privacy regulations, specifically HIPAA and PC I-DSS standards.
- Knowledge of core information security functions (e.g., strategy, operations, assessments incident response, investigations, consulting, and compliance) is desirable.
- Ability to manage security challenges and issues confronting a large, geographically distributed, departmentally diverse, healthcare organization.
- Skill in vendor selection and contract negotiations.
- Ability to travel to all locations as well as ability to travel overnight, as needed for meetings, projects, seminars, etc.