Deputy Chief Information Security Officer

Job Summary

Under the direction of the Vice President and Chief Security Officer, the Deputy Chief Information Security Officer is responsible to support the VP/CISO for all aspects of Information Security at Florida Health Sciences Center, Inc - a multi-billion-dollar enterprise with over one hundred locations over a vast geography. The focus of this role is to be responsible for designing, implementing, and maintaining robust security architecture and frameworks that protect our organization's critical information and systems. This role works closely with cross-functional teams, including IT, engineering, and compliance, to ensure that security best practices are embedded throughout our infrastructure and applications. The role also works closely with the CISO to develop and execute the organization's information security strategy, ensuring the confidentiality, integrity, and availability of our information assets. Manages security operations, implements security measures, and ensures compliance with regulatory requirements.

Responsibilities include, but not limited to:

• Develop and implement a comprehensive cyber security architecture that aligns with the organization's overall business and technology objectives
• Design and review security controls, frameworks, and standards to protect the confidentiality, integrity, and availability of information assets
• Collaborate with cross-functional teams to identify and evaluate potential security risks and develop appropriate mitigation strategies
• Conduct regular security assessments and vulnerability scans to identify weaknesses and recommend remediation actions.
• Lead the implementation of security solutions, including firewalls, intrusion detection and prevention systems, encryption technologies, and access control mechanisms
• Define and enforce security policies, procedures, and guidelines to ensure compliance with industry standards and regulatory requirements
• Stay up to date with emerging cyber threats, vulnerabilities, and industry best practices to proactively address potential risks.
• Provide technical guidance and mentorship to the security operations team, helping them develop their skills and knowledge.
• Collaborate with third-party vendors and contractors to assess their security posture and ensure compliance with contractual security requirements
• Participate in incident response activities, conducting forensic analysis, and leading post-incident reviews to identify lessons learned and improve security measure
• Assist the CISO in developing and implementing the organization's information security strategy, policies, and procedures.
• Manage security operations, including incident response, vulnerability management, and security monitoring, to detect and respond to potential threats in a timely manner.
• Collaborate with cross-functional teams to assess security risks, develop risk mitigation strategies, and ensure security requirements are integrated into business processes and systems.
• Stay up to date with the latest cyber threats, vulnerabilities, and industry best practices, and provide recommendations to enhance the organization's security posture.

Qualifications

• Bachelor's degree in computer science, information technology, or a related field.
• Proven experience working as a Cyber Security Architect or in a similar role, designing and implementing security solutions for complex environments
• In-depth knowledge of network security, application security, cloud security, encryption technologies, and identity and access management
• Strong understanding of security frameworks and industry standards such as ISO 27001, NIST Cybersecurity Framework, and PCI DSS
• Hands-on experience with security technologies and tools, such as firewalls, IDS/IPS, SIEM, vulnerability scanners, and penetration testing
• Familiarity with regulatory requirements, including GDPR, HIPAA, or other industry-specific standards
• Excellent analytical and problem-solving skills with the ability to assess risks and develop effective mitigation strategies
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and present complex security concepts to non-technical stakeholders