Associate Director of Cybersecurity GRC Remote

Primary City/State:

Phoenix, Arizona

Department Name:

IT Cybersecurity GRC-Corp

Work Shift:

Day

Job Category:

Information Technology

Primary Location Salary Range:

$52.58 - $87.63 / hour, based on education & experience

In accordance with State Pay Transparency Rules.

Innovation and highly trained staff. The Information Technology professionals at Banner Health are utilizing cutting-edge technology to change health care for the better. If you’re ready to change lives, we want to hear from you.

The Governance, Risk, and Compliance (GRC) team is responsible for IT and Cybersecurity risk management, to include risk exception management, risk frameworks, risk tolerance management, policies and standards lifecycle management, IT audit support, issue and risk follow-up, risk register management, validation assessments, HIPAA assessments, among other risk-related responsibilities. The GRC team also provides risk information and metrics for Board reporting. The team is integral is making sure IT risk is accounted for and remediated across the organization.

Banner Health is looking for an Associate Director of Cybersecurity GRC to be a strong leader over our GRC team. The incumbent would focus on leading validation assessments where the most significant risk is identified; IT policies and standards lifecycle management to include NIST framework adherence and compliance assessments; managing our exception management process; establishing and maintaining a Cybersecurity data governance function; among other core GRC functions where we continue to focus on the most significant IT and Cybersecurity risk in the organization.

This is a full-time, salaried position, and the typical schedule is a 40 hour work week. After hours/weekend work is not typically expected or required. The primary work location is remote. Travel may be required periodically to our Corporate location in Phoenix, AZ as necessary. The incumbent can be onsite and/or remote. An ideal candidate would possess a Bachelor’s degree in Computer Science, Information Systems, Engineering, Business Administration, or equivalent, in a related field with at least seven (7) years of related experience, to include at least three (3) years of clear leadership and supervisory experience. A certification such as a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Systems Security Certified Practitioner (SSCP), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security & Privacy Practitioner (HCISSP) or other relevant certification is preferred.

Banner Health IT was awarded Inside Pro and Computerworld's 100 Best Places to work in IT for 2020, 2021, 2022, and 2023!

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY
This position is responsible for planning, organizing and day to day management of cybersecurity systems, applications, projects and professionals. Incumbent participates in the development and implementation of cybersecurity strategies to achieve desired outcomes. Responsibilities also include participation in the management of the cybersecurity financial plans, budgets, performance, and other operational activities for Banner Health’s Cybersecurity organization. This position is responsible for the operational oversight of a functional team, including direct HR management responsibilities, within Banner Health. The Incumbent is expected to work with management across diverse areas and multiple states to effectively and efficiently operate the Cybersecurity Department and partner with other parts of Banner’s organization.

CORE FUNCTIONS
1. Establish priorities, workloads, controls and work procedures, as well as determine resourcing needs. Hire, train, conduct performance evaluations, and supervises the workflow for designated staff. This includes initiating promotions, transfers, disciplinary actions and development planning and management.

2. Lead and manage teams to deliver business outcomes, manage quality of delivered services, and mentor Cybersecurity team members.

3. Translates Cybersecurity Strategic Goals into team specific processes and activities. Establish team objectives and develop effective tools to measure and report performance against these objectives.

4. Assists Cybersecurity leadership in developing annual operational budgets. Assists leadership in ensuring budgetary goals are met on an annual basis.

5. Assist cybersecurity leadership in establishing and maintaining meaningful measurable metrics and reporting. Track to resolution customer problems ensuring the solution is timely and of acceptable quality while effectively communicating with all levels of the organization.

6. Provides leadership with support in establishing and delivering the Cybersecurity strategy and leads or participates in the design, direction, and coordination of cybersecurity projects, systems or applications.

7. Provides expertise and direction while participating in the planning of cybersecurity systems and application strategic objectives and goals. Establish and maintain meaningful measurable metrics and reporting.

8. Provides guidance, direction, and oversight for compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry information.

9. Under general direction, this position is responsible for information security across multiple departments system-wide and requires interaction at all levels of staff and management.

Performs all functions according to established policies, procedures, regulatory and accreditation requirements, as well as applicable professional standards. Provides all customers of Banner Health with an excellent service experience by consistently demonstrating our core and leader behaviors each and every day.

MINIMUM QUALIFICATIONS
Must possess strong knowledge of business, cybersecurity, information technology and/or computer science as normally obtained through the completion of a bachelor's degree. Certification may be required in at least one of the following areas within one year of entering the position. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Systems Security Certified Practitioner (SSCP), Payment Card Industry - Internal Security Assessor (PCI-ISA), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security & Privacy Practitioner (HCISSP), CompTIA Security or other certification designated by the Information Security Leader.

Must also possess seven plus years of experience, three of which with supervisory experience, in a healthcare or related environment or an equivalent combination of relevant education, technical, business and healthcare experience. Must demonstrate expertise in information technology and healthcare. Needs experience in medium to large scale project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Ability to balance project workloads with customer support and on-call demands. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.

Demonstrate proficiency with the Microsoft Suite of products and other tools depending on position requirements.

PREFERRED QUALIFICATIONS

Advanced degree may substitute for work experience.
Additional related education and/or experience preferred.

EOE/Female/Minority/Disability/Veterans

Our organization supports a drug-free work environment.

Privacy Policy