Job Category: Cybersecurity

Avanir Pharmaceuticals has retained Kirby Partners to conduct a nationwide executive search for their Associate Director, Information Security position.

Avanir Pharmaceuticals is a global pharmaceutical company committed to delivering central nervous system (CNS) solutions.

Avanir Pharmaceutical has two main products used for treatments of CNS disorders:

  • NUEDEXTA is the first and only FDA approved treatment for PseudoBulbar Affect (PBA), a medical condition that causes involuntary, sudden, and frequent episodes of crying and/or laughing in people living with certain neurologic conditions or brain injury.
  • ONZETRA® Xsail® is the first intranasal medication delivery system for the acute treatment of adult migraines.
Associate Director, Information Security Position Overview:

The Associate Director, Information Security is responsible for the overall design, execution and day-to-day management of Avanir’s information security capabilities in alignment with appropriate global information security standards. As the architect and thought leader in developing a comprehensive, risk-based information security strategy and roadmap, drive the maturity of Avanir’s people, processes and tools to support and enhance this critical business capability.

Qualifications:
  • Bachelor’s degree in Information Technology, Engineering or related technical or business field
  • 14+ years of related experience in an Information Technology role; 7+ years’ experience serving in a management and leadership role within an Information Security function (IT Security, IT Audit, etc.) or a similar consulting organization is required
  • Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, IDS/IPS, and SEIM
  • Working knowledge of information security technologies, markets and vendors including firewall, intrusion detection, assessment and monitoring tools, encryption, certificate authority, and cloud identity management
  • Proficiency with MS Office applications and common web applications
  • Familiarity with global Information Security industry standards/best practices and relevant regulations (e.g., PCI DSS, HIPAA, GDPR, NIST, ISO, CobiT, ISF) CISSP, CISM, CISA, GCIH, CEH or other related information security certifications preferred
  • Core competencies for this role include: Adapt to Change – demonstrate Organizational Awareness, Self-Awareness, Proactivity and Learning Agility, Work Collaboratively – embody Teamwork, Influence without authority, and demonstrate Technical Expertise, Apply Judgment – effectively leverage Prioritization, Problem Solving and Decision Making skills to achieve superior results
For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

Please note that Kirby Partners exclusively represents this opportunity and all candidates will be presented through our team of executive recruiters.  If you have questions about this position, please email Bryan Kirby.

Duke Health has retained Kirby Partners to conduct a nationwide executive search for their Chief Information Security Officer position.

Duke Health integrates the Duke University School of Medicine, Duke University School of Nursing, Duke University Health System, Private Diagnostic Clinic, and incorporates the health research programs within the Duke Global Health Institute. Duke University Health System is a world-class hospital and health care network supported by outstanding and renowned clinical faculty, nurses and care teams. Duke’s services span the full continuum of care, from primary care to medical and surgical specialties and sub-specialties.

Duke University Health System includes three hospitals – Duke University Hospital on the Duke University Medical Center campus, Duke Regional Hospital and Duke Raleigh Hospital.

Duke Network Services:

Duke Network Services has more than 25 years of experience in 44 community-based specialty and hospital affiliations across the region and nation. Duke LifePoint Healthcare is a joint venture between DUHS and LifePoint Health, a leading healthcare company dedicated to making communities healthier. DUHS joined forces with LifePoint as they share an interest in collaborating with hospitals, healthcare providers and patients to bring high quality, innovative healthcare services to communities.

  • Duke University School of Medicine
  • Duke University School of Nursing
  • Duke Global Health Institute
  • Duke Clinical and Translational Science Institute
  • Duke Clinical Research Institute

 

Chief Information Security Officer Position Overview:

The Chief Information Security Officer (CISO) is Duke Health’s senior leader responsible for establishing the information security strategy and direction for the enterprise. A key responsibility will be collaborating with key business and IT leaders to develop security policies, standards, guidelines and procedures to ensure the confidentiality, integrity, and availability of Duke Health systems and data.

The Chief Information Security Officer will be part of the Duke Health Technology Solutions (DHTS) leadership team. Reporting to the VP/CIO, the CISO will be responsible for technology security across the entire continuum and will partner closely with the Duke University CISO.

Qualifications:
  • Bachelor’s degree
  • Master’s degree strongly preferred
  • At least 15 years’ experience in IT
  • 5+ years managing large, cross-functional teams
  • 5+ years practical experience designing and implementing enterprise IT security in healthcare
  • 5+ years working with HIPAA
  • 5+ years working with information security and privacy
  • Experience with NIST
  • CISSP certification

 

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

Please note that Kirby Partners exclusively represents this opportunity and all candidates will be presented through our team of executive recruiters.  If you have questions about this position, please email Bryan Kirby.

 

Seattle Children’s has retained Kirby Partners to conduct a nationwide executive search for their next Chief Information Security Officer (CISO).

The Chief Information Security Officer will embody Seattle Children’s mission to become the country’s #1 children’s hospital. This position is an incredible opportunity to serve as a senior IT leader setting strategic direction for information security and provide mentorship and leadership for a team of around 22, as well as outsourced staff.

Seattle Children’s, an award-winning leader in pediatric care and recognized as a Best Place to Work, invests in their people, passionately supports a healthy work-life balance, and provides great benefits. They are in the top five facilities in pediatric research and are experiencing tremendous growth, currently involved in multiple construction projects, including additions to the hospital, new research buildings, and a new build out for IT, located in downtown Seattle. The hospital serves as the pediatric and adolescent academic medical center for Washington, Alaska, Montana and Idaho – the largest region of any children’s hospital in the country.

Seattle Children’s Key Network Indicators:

  • 429,255 patient visits
  • 403 licensed beds
  • 7,977 employees

 

Seattle Children’s Chief Information Security Officer Position Overview:

Seattle Children’s lives its mission in everything it does: “We provide hope, care and cures to help every child live the healthiest and most fulfilling life possible.”

They are seeking a Chief Information Security Officer (CISO) who will embody this mission while serving as a senior leader in the IT department. The CISO leads an information security team of approximately 22 individuals and manages outsourced staff. The CISO will play a key role in continuing to mature the information security program and policies, as well as building information security awareness. This position will work collaboratively with business stakeholders including appropriately managing risk while balancing agility.

Seattle Children’s is a complex organization. The Chief Information Security Officer will oversee information security for the health system as well as the ground breaking research done at Seattle Children’s Research Institute. The Seattle Children’s Research Institute was recently joined by The Center for Infectious Disease Research (CIDR). CIDR brought an annual $25 million National Institutes of Health-funded research portfolio. CIDR will add to the research institute’s extramural funding, which totaled over $120 million in 2017, and boost its position among the nation’s top five pediatric research centers.

Seattle Children’s is currently involved in multiple construction projects, including additions to the hospital, new research buildings, and a new build out for IT, located in downtown Seattle. One of their five pillars is innovation and involves relationships with major companies such as Amazon and Microsoft, as well as working with startups and conducting Hackathons. The entire organization is invested in being the best children’s hospital in the country. They are in the top five facilities in pediatric research and are experiencing tremendous growth.

The organization provides low-cost mass transit passes and actually provides a daily stipend for not driving solo to work. For each day you bike, take mass transit or carpool, you earn money. They also fit you for a bike and provide a helmet and maintenance if you agree to ride to work, two days per week.

Seattle Children’s is a great place to live your values and help care for children.

Qualifications:
  • Bachelor’s degree (Master’s preferred)
  • 10+ years of experience in information security and risk management leadership roles in an academic medical center, complex health system or life sciences role
  • CISM or CISSP preferred

 

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

Please note that Kirby Partners exclusively represents this opportunity and all candidates will be presented through our team of executive recruiters.  If you have questions about this position, please email Bryan Kirby.

 

UMC Health System has retained Kirby Partners to identify, qualify, and present individuals for their Chief Information Security Officer position.

As a senior leader in the IT department, the Chief Information Security Officer (CISO) leads a team of five: three Cybersecurity Incident Response Team (CSIRT) engineers, a disaster recovery/risk manager and an identity and access control specialist.

UMC Health System is recognized as “One of the Best Companies to Work for in Texas” in 2018 by Texas Monthly. UMC Health System, a 500-bed public hospital in Lubbock County, Texas, consists of a team of healthcare providers that have served the West Texas and Eastern New Mexico region since 1978. UMC is also the primary teaching hospital for the Texas Tech University Health Sciences Center and is recognized as Healthcare’s Most Wired.

Key Network Indicators:

  • 4,600 employees
  • 30,748 inpatient admissions
  • 700 medical staff
  • $2.3 B total revenue

 

Chief Information Security Officer Position Description:

The incoming CISO will put together a comprehensive security plan which includes information security policy and education. UMC recently experienced a data breach and is working with OCR on remediation. The incoming CISO will work in close collaboration with Compliance and Internal Audit on the continuing work with OCR. This is an ideal opportunity for an information security leader to mature an existing program and positively influence the culture of security across the organization. The position is responsible for identifying, directing, coordinating, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements while enabling UMC to develop an anticipatory response to minimize information security risk. The CISO acts as the key liaison and focal point for all information security communications and projects, and coordinates the necessary alignment of information security and staff resources. The position is also responsible for budgeting, project prioritization, and providing guidance to senior leadership in all matters of cybersecurity.

Qualifications

Required:

  • Bachelor’s Degree in computer science, MIS, cybersecurity or equivalent
  • CISSP certification
  • Five years’ experience in information security
  • Two years managerial experience with budgetary authority
  • Healthcare experience

Desired:

  • Information security training and education program development
  • Experience presenting to executive audiences
  • Advisory committee leadership

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

Beaumont Health has retained Kirby Partners to identify, qualify, and present individuals for their Chief Information Security Officer position.

The Chief Information Security Officer is a senior IT leadership role with enterprise responsibility and accountability for the IT Cyber Security team. Working within a “greenfield” environment, the CISO will lead a team to ensure IT governance and policies and procedures are enacted and will also partner closely with the CTO to help ensure infrastructure security.

Beaumont Health, Michigan’s largest health care system with eight hospitals and 187 outpatient sites, has received national recognition, including U.S. News & World Report’s “America’s Best Hospitals” list.

Key Network Indicators:

  • 38,000 employees
  • 5,000 physicians
  • 3,429 total beds
  • $4.4 billion total net revenue
Chief Information Security Officer Position Description:

Beaumont’s Chief Information Security Officer is a senior member of the IT leadership team and reports to the Executive Vice President/CIO. This is a very collaborative and operational position with dual reporting to Compliance. Compliance is responsible for privacy and policy violations. The CISO will lead a team to ensure IT governance and policies and procedures are enacted and will also partner closely with the CTO to help ensure infrastructure security.

Qualifications
  • Bachelor’s degree
  • Track record of establishing IT Cyber Security as an enabler and differentiator
  • Approximately 10 years of experience overseeing IT Cyber Security in a complex environment
  • Healthcare experience preferred (including peripheral industries)
  • Strong communication skills and the ability to present to the board and interface with other executives both within and outside of the organization
  • Strong leadership skills of approximately 4 years having led teams of at least 15 individuals
  • Advanced degree preferred

 

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

 

 

 

 

Southcoast Health has retained Kirby Partners to identify, qualify, and present individuals for their  Chief Information Security Officer position.

Under the general direction of the Senior Vice President CIO for Southcoast Health System, the Chief Information Security Officer will perform a wide variety of duties including establishing, implementing, monitoring, and enforcing information security standards enterprise-wide.

Southcoast Health is a community based health delivery system with multiple access points, offering an integrated continuum of health services throughout Southeastern Massachusetts and Rhode Island. It includes the three hospitals that make up Southcoast Hospitals Group.

Key Network Indicators:

  • 815 beds
  • 650 physicians
  • 7,500 employees
  • $989 million operating revenue

 

Southcoast Hospitals Group:

  • Charlton Memorial Hospital in Fall River
  • St.Luke’s Hospital in New Bedford
  • Tobey Hospital in Wareham

 

Chief Information Security Officer Southcoast Health

Position Description:

The CISO will be responsible for the creation and maintenance of enterprise-wide information security strategies. This position will oversee the creation and maintenance of information security policy, leads on-going security risk assessments and status reporting efforts and is responsible for the creation and roll-out of security awareness and training programs.

Qualifications:
  • Bachelor’s Degree in Computer Science, Business or related field
  • Master’s Degree preferred
  • Substantial and directly related information security skills and experience may substitute for some education
  • 7-10 years of IT related management experience in a complex healthcare environment
  • Strong understanding of IT security threats and preventative measures, disaster management and techniques and technologies and IT related security laws, regulations and guidelines are required. Must work well with and in teams
  • Advanced computer technical skills are required to understand the complex IT infrastructure in the enterprise
  • Ability to lead through influence

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

Carilion Clinic has retained Kirby Partners to identify, qualify, and present individuals for their Chief Information Security Officer position.

As a key member of the SVP/CIO’s leadership team, the Chief Information Security Officer will have the opportunity to lead an information security team as they establish a strong security culture.

Carilion Clinic, a nationally recognized not-for-profit healthcare system in Roanoke, Virginia, serves approximately one million residents in Western Virginia through their comprehensive network of hospitals, primary and specialty physician practices and other complementary services. With 696 employed physicians representing more than 76 specialties, the healthcare system seeks to advance care through medical education and research.

Key Network Indicators:

  • $1.7 billion (net) total revenue
  • 12,800 employees
  • 1,026 licensed beds
  • 50,399 admissions
 Chief Information Security Officer position opening at Carilion Clinic

 

Chief Information Security Officer Position Description:

Carilion Clinic is hiring the organization’s first enterprise Chief Information Security Officer. The organization is looking for the CISO to provide an enterprise information security vision and grow the security environment. Carilion Clinic has a patient-focused culture; this position will work closely with research and physicians, and the Epic team. The CISO is responsible for developing long-term information security strategies including, but not limited to, network security, computer and device security as well as application and data security. The CISO leads the response to IT security incidents, serving as primary IT contact point for information security matters that require coordination within the central IT organization as well as the enterprise. The information security program is well funded with a $3M investment over the past three years and is strongly supported by senior leadership and the board of directors.

The CISO will oversee a team of eight people which includes two network security engineers and six identity and access management analysts. The CISO will oversee the coordination of IT security matters in collaboration with Carilion Clinic’s legal counsel, internal audit, compliance/risk management, and other departments as appropriate. The position will also provide specialized IT security consulting, materials, programs and analysis related to information security and IT policy. Additional duties include proactive involvement with IT risk assessments, IT security policy and research, evaluating and overseeing implementation of procedural and technical IT security measures for Carilion’s network, applications, computing systems and environments as well as mobile and clinical engineering assets.

Responsibilities
  • Lead governance processes for IT security strategies.
  • Lead strategic security planning to achieve organizational goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies using a risk-based assessment methodology.
  • Develop and communicate security strategies and plans to executive team, staff, partners, and stakeholders.
  • Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
  • Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
  • Define and communicate corporate plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
  • Establish standards for the administration of all computer security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and related software.

Upcoming projects:

  • Develop a comprehensive IT security program that includes training and awareness
  • Formalize incident response plan
  • Network segmentation
  • Centralize and streamline identity and access management process

 

Qualifications
  • Over eight years of dedicated IT security related experience
  • Expert technical understanding IT security protocols, technologies, and issues
  • CISSP or CISM
  • Bachelor’s degree required; Master’s degree desired

 

For more information about the organization, position, and the community, click the “Full Profile” link (top right sidebar) or click here.

 

University of Virginia Health System has retained Kirby Partners to identify, qualify and present individuals for their Information Security Officer position.

 

Organization Overview:

UVA Health System is nationally renowned and includes a 612-bed hospital and level I trauma center, nationally recognized cancer and heart centers, Children’s Hospital, and primary and specialty clinics throughout Central Virginia.

UVA Health System Facilities:

  • UVA Medical Center
  • Novant Health UVA Health System
  • UVA Transitional Care Hospital (LTACH)
  • UVA Physician’s Group
  • UVA School of Medicine
  • UVA School of Nursing
  • Claude Moore Health Sciences Library

 

Information Security Officer Position Description:

The Information Security Officer will be responsible for setting information security strategy across the health system, school of medicine and the physician group. Accordingly, the Information Security Officer is responsible for planning, directing and coordinating the implementation of strategic initiatives to preserve the availability, integrity and confidentiality of Health System information resources. The Information Security Officer is also responsible for ongoing management of the Health System’s cybersecurity defenses and responses to threats and attacks. The Information Security Officer works in close collaboration with the UVA Chief Information Security Officer, Health System Compliance and Privacy Officer, UVA Internal Audit, UVA Legal, and external audit and other agencies.

Responsibilities:

  • Implement comprehensive Information Security Program
  • Direct Information Security Risk Management Program
  • Serve as the organization’s senior information security leader
  • Provide effective leadership
  • Model effective communication and collaboration skills/behaviors
  • Take action to achieve measurable results
  • Support innovation and organizational change to improve effectiveness
  • Develop talent and coach peers and others to develop their capabilities
  • Achieve budgetary goals
  • Apply knowledge of functional area to effectively manage operations

 

Qualifications:

Required:

  • Master’s Degree or Bachelor’s Degree with 4 years from date of hire/transfer to obtain Master’s Degree
  • 7- 10 years demonstrated experience in related area
  • 5 years leadership in healthcare information technology security
  • Experience working with legal, audit, and compliance professionals
  • Thorough understanding of Federal and Commonwealth regulations including HIPAA, ARRA, HITECH, etc.
  • One or more professional certifications in either Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (SANS/GIAC), Systems Security Certified Practitioner (SSCP), or Certified Information Systems Auditor (CISA)

 

 

 

 

 

 

 

Watch our video for additional information about this opportunity.

 

Nebraska Methodist Health System has retained Kirby Partners to identify, qualify and present individuals for their Chief Information Security Officer Position.
Organization Overview

A leading regional integrated health care delivery system, Nebraska Methodist Health System provides quality health care and preventive services to residents throughout the Midwest. Founded in 1982 as the first health care system formed in the region, Nebraska Methodist Health System’s mission is simple: “NMHS is committed to caring for people.” The health system strives to ensure that its programs and services, and those of its affiliate corporations, are of superior value and readily available to all residents of the regions it serves.  The health system includes three hospitals (Methodist Hospital, Methodist Women’s Hospital and Methodist Jennie Edmundson Hospital), 21 health clinic locations, as well as a nursing and allied health college.

Chief Information Security Officer Position Highlights

The CISO will be responsible for the development and implementation of an enterprise-wide information security program. Responsible for planning, managing, coordinating programs, and implementing strategic initiatives to preserve the confidentiality, integrity, and availability of the organization’s information resources.  This role interfaces with senior leadership, front-line team members, executes corporate development strategy, and drives change initiatives across the system to optimize organizational potential. Works with executive management to govern policies and procedures for information security in a matter that meets the needs of the organization’s patients, medical staff, management and employees, and establishes customer confidence in the system’s information security program.

Rady Children’s Hospital has retained Kirby Partners to identify, qualify and present individuals for their Chief Information Security Officer Position.

 

Organization Overview

Rady Children’s Hospital is a non-profit organization that serves as the largest children’s hospital in California and the only hospital in San Diego dedicated exclusively to pediatric healthcare. Their mission is to restore, sustain and enhance the health and developmental potential of children through excellence in care, education, research and advocacy, and they prove their dedication to this cause by providing care to 90 percent of the region’s children.  The organization is the region’s exclusive pediatric trauma center and serves over 214,000 children per year. Equipped with 520 beds and a team that consists of nearly 900 physicians, over 5,000 employees, and 500 volunteers, Rady Children’s Hospital is uniquely positioned to serve the needs of the San Diego, Imperial, and southern Riverside counties. Rady Children’s hospital is dedicated to innovation and research, and is affiliated and collaborates with the University of California, San Diego School of Medicine and St. Jude’s Children’s Research Hospital. The organization is a major pediatric clinical research center with over 500 ongoing clinical trials and research studies, and is also the region’s teaching hospital for the next generation of pediatric physicians.

 

Chief Information Security Officer Position Highlights

Reporting to the Chief Data Officer (CDO)/Sr. Director of Data Strategy, Security, Innovation and Business Technologies, the Chief Information Security Officer (CISO) provides leadership and oversight in the strategic planning, execution, and assessment of Rady Children’s Hospital information security strategies, policies, procedures and guiding practices to be implemented. With oversight from the CDO, the CISO is responsible for establishing and maintaining a comprehensive organization-wide information security program to ensure that information assets are adequately protected against current, future, internal and external threats. The CISO is responsible for developing, identifying, directing, coordinating, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements while enabling the organization to develop an anticipatory response to minimize information security risk and breach events. The CISO position acts as the key liaison and focal point in the organization for information security communications and projects, in

 

addition to operational oversight of application security for enterprise EMR and ERP applications. The CISO will manage a team of 5 information security engineers and analysts.