UMC Health System has retained Kirby Partners to identify, qualify, and present individuals for their Chief Information Security Officer position.

As a senior leader in the IT department, the Chief Information Security Officer (CISO) leads a team of five: three Cybersecurity Incident Response Team (CSIRT) engineers, a disaster recovery/risk manager and an identity and access control specialist.

UMC Health System is recognized as “One of the Best Companies to Work for in Texas” in 2018 by Texas Monthly. UMC Health System, a 500-bed public hospital in Lubbock County, Texas, consists of a team of healthcare providers that have served the West Texas and Eastern New Mexico region since 1978. UMC is also the primary teaching hospital for the Texas Tech University Health Sciences Center and is recognized as Healthcare’s Most Wired.

Key Network Indicators:

  • 4,600 employees
  • 30,748 inpatient admissions
  • 700 medical staff
  • $2.3 B total revenue


Chief Information Security Officer Position Description:

The incoming CISO will put together a comprehensive security plan which includes information security policy and education. UMC recently experienced a data breach and is working with OCR on remediation. The incoming CISO will work in close collaboration with Compliance and Internal Audit on the continuing work with OCR. This is an ideal opportunity for an information security leader to mature an existing program and positively influence the culture of security across the organization. The position is responsible for identifying, directing, coordinating, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements while enabling UMC to develop an anticipatory response to minimize information security risk. The CISO acts as the key liaison and focal point for all information security communications and projects, and coordinates the necessary alignment of information security and staff resources. The position is also responsible for budgeting, project prioritization, and providing guidance to senior leadership in all matters of cybersecurity.



  • Bachelor’s Degree in computer science, MIS, cybersecurity or equivalent
  • CISSP certification
  • Five years’ experience in information security
  • Two years managerial experience with budgetary authority
  • Healthcare experience


  • Information security training and education program development
  • Experience presenting to executive audiences
  • Advisory committee leadership

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.