Chief Information Security Officer
About the role
Presbyterian Healthcare Services (PHS) seeks a dynamic, imaginative, and distinguished executive to serve as its next Chief Information Security Officer (CISO). As a critical member of the senior leadership team, the CISO will lead the strategic vision and execution of an enterprise-wide information security and cyber risk management program that protects a premier integrated healthcare delivery network.

This is a pivotal moment to join PHS. The organization is navigating a period of significant digital transformation, innovation, and growth, including a robust M&A roadmap. The next CISO will not merely be a technical gatekeeper but a strategic enabler who ensures that the health system's clinical excellence and the health plan's administrative integrity are anchored in a culture of security and resilience.

The Opportunity for the incoming CISO includes:
- Elevating the Security Posture: Transitioning the program from traditional technical oversight to a sophisticated, risk-based ecosystem. This involves maturing the NIST Cybersecurity Framework (CSF) and ensuring 405(d) compliance across both the world-class clinical enterprise and the diverse health plan.
- Leading Cyber Resiliency: Serving as the executive champion for business resiliency, ensuring that patient safety, member services, and continuity of care remain uninterrupted during cyber events, technology failures, or third-party disruptions.
- Driving Innovation Safely: Partnering with clinical and digital leaders to integrate security into the adoption of AI, cloud technologies (AWS), and emerging quantum-resilient frameworks, ensuring PHS remains at the forefront of safe healthcare delivery.
- Influencing at the Highest Levels: Acting as the primary advisor to the Compliance and Audit Committee of the Board and the Chief Growth Officer. The CISO will have the mandate to translate complex cyber risks into clear clinical and business impacts, fostering a culture of shared accountability across the system.
- Building a Legacy of Talent: Mentoring and scaling a high-performing, customer-centric team of directors and architects who are viewed as collaborative partners across the entire $1.5B+ revenue enterprise.

The successful candidate will be a seasoned organizational leader with a strong technical/operational background and a "leader-teacher" mentality. They will possess the executive presence to thrive in a highly matrixed environment and the communication skills to turn a technical roadmap into an inspiring vision that aligns 13,000+ employees toward a common goal of protecting patient and member trust.

Work Arrangement:
- Remote: Open to applicants in the United States, excluding CA, IL, ND, NY, OH, WA, and WY.
- Hybrid: For individuals within 60 miles of Albuquerque, in-office presence is required Tuesday through Thursday.

Job Description:

Strategic & Security Leadership
- Forward-Looking Strategy: Define and execute a multi-year, risk-based information security strategy aligned with PHS's growth and innovation roadmap.
- Governance & Maturity: Continuously mature the program using the NIST CSF and 405(d)-compliant frameworks to ensure critical systems are identified and reasonable controls are effectively executed.
- Executive Advocacy: Act as the key advisor to the Board, translating cyber risk into clinical impact and fostering a culture of shared accountability.
- Regulatory Watch: Stay abreast of state and national regulatory changes (HIPAA, HITECH, PCI DSS, JCAHO) and engage in professional development to keep PHS at the leading edge.

Policy, Compliance, and Audit
- Framework Management: Establish and maintain a comprehensive governance framework, including policies, standards, and risk appetite statements.
- Technical Security Oversight: Lead efforts to evaluate the adequacy of security controls for both on-prem and cloud (AWS) systems.
- Audit Excellence: Coordinate with Internal Audit and 3rd Party Auditors to keep audit focus in scope and maintain excellent relationships with regulatory entities.

Business Resiliency & Incident Response
- Resiliency Strategy: Provide executive leadership for cyber-related business resiliency, ensuring alignment with patient safety and continuity objectives.
- BC/DR Sponsorship: Serve as the executive sponsor for Business Continuity and Disaster Recovery capabilities related to ransomware and technology failures.
- Incident Control: Act as the primary control point during significant incidents, convening the Cybersecurity Incident Response Team (CSIRT) as necessary.

Operational & Emerging Tech
- IAM & Data Governance: Advance identity and access management strategies and data governance capabilities, including privacy-by-design.
- AI Governance: Participate in developing frameworks for secure adoption of AI and other emerging technologies.
- Vendor Risk: Strengthen third-party risk management for both IT-sourced technologies and the medical device ecosyst
Benefits
Additional Information
Location Address: 9521 San Mateo NE Albuquerque, NM 87113-2237