System Director IT Security -
Stormont Vail Health, Topeka, KS, United States
Shift
First Shift (Days – Less than 12 hours per shift) (United States of America)
Hours Per Week
40
Position Status
Full time
Job Information
Exemption Status: Exempt
Overview The System Director of IT Security serves as Stormont Vail Health’s Chief Information Security Officer (CISO) and is responsible for the enterprise‑wide cybersecurity strategy, governance, and operational security posture. The role oversees the protection of PHI and other sensitive information, ensuring the confidentiality, integrity, and availability of systems across the SVH enterprise. It provides executive leadership for cybersecurity risk management, incident response, security architecture, vendor risk oversight, and regulatory compliance. The position reports directly to the Chief Information Officer and is a key member of the overall technology leadership team, coordinating activities with the Chief Compliance Officer and General Counsel.
Education Qualifications Bachelor’s Degree Required
Experience Qualifications 5 years working in information systems security in a complex environment managing firewalls and other security tools. Required.
2 years experience in a management role in a complex organization. Required.
Skills And Abilities Demonstrated expertise in information security infrastructure, architecture, and controls—including network security, firewalls, endpoint protection, identity and access management, logging, and threat detection technologies. Required proficiency.
Ability to independently lead and prioritize multiple complex initiatives simultaneously, balancing operational demands, strategic objectives, and risk considerations across different stages of execution. Required proficiency.
Proven ability to apply critical thinking and sound judgment to translate business, clinical, and operational needs into effective security strategies and technology solutions, while appropriately managing risk and regulatory considerations. Required proficiency.
Strong financial acumen with the ability to develop, manage, and justify security budgets, evaluate return on investment, and ensure spending aligns with enterprise risk priorities and organizational goals. Required proficiency.
Ability to communicate cybersecurity risks, priorities, and incidents effectively to technical and non‑technical audiences, including executive leadership.
Strong understanding of cybersecurity governance, risk management frameworks, and regulatory requirements applicable to healthcare environments.
Licenses and Certifications Certified Information System Security Professional (CISSP) – IISSCC Required
Equivalent senior‑level security certification (e.g., CISM) Preferred
What you will do Strategic Planning – Develop and execute a strategic approach to information security investments, ensuring the protection of PHI and other sensitive data while strengthening system resilience against phishing, malware, ransomware, and related threats.
Personnel Management – Lead the IT Security Team and collaborate closely with the CIO, Director of IS, IS Engineering Manager, and Helpdesk Manager to ensure Stormont Vail staff effectively manage risk and continuously improve the organization’s security posture.
Risk Management & Governance – Oversee cybersecurity operations and enterprise risk management, including risk assessments, security exception management, and the development and enforcement of enterprise information security policies.
Fiscal Responsibility – Provide budget guidance during the annual planning process and manage security‑related CapEx and OpEx budgets.
Security Operations & Monitoring – Ensure appropriate vendor relationships and tools are in place to monitor SVH security infrastructure 24×7.
Incident Response Planning – Establish and maintain robust incident‑response processes to ensure rapid, coordinated action during security events.
Develop and manage IS Quality of Service measures for IS security to provide transparency on current security risks.
Develop strong partnership with IS Applications, IT Security, and all other technology teams.
Responsible for 24×7x365 IS Security Team.
Monitor industry data to be prepared for new security threats.
Provide education to all organization levels on security risks and appropriate actions to prevent SVH from being impacted by potential threats.
Assist the Project Management team with typical PMO activities such as system security assessment.
Ensure the IS Security Exception process is in place and effectively manages the security risks SVH leadership is willing to accept.
Coordinate with Compliance and Legal on HIPAA/HITECH requirements.
Travel Requirements 5% travel – some remote locations in NE Kansas may require support.
Patient Facing Options Position is not patient facing.
Stormont Vail is an equal opportunity employer and adheres to the philosophy and practice of providing equal opportunities for all employees and prospective employees, without regard to the following classifications: race, color, ethnicity, sex, sexual orientation, gender identity and expression, religion, national origin, citizenship, age, marital status, uniformed service, disability or genetic information. This applies to all aspects of employment practices including hiring, firing, pay, benefits, promotions, lateral movements, job training, and any other terms or conditions of employment.
Retaliation is prohibited against any person who files a claim of discrimination, participates in a discrimination investigation, or otherwise opposes an unlawful employment act based upon the above classifications.
#J-18808-Ljbffr
First Shift (Days – Less than 12 hours per shift) (United States of America)
Hours Per Week
40
Position Status
Full time
Job Information
Exemption Status: Exempt
Overview The System Director of IT Security serves as Stormont Vail Health’s Chief Information Security Officer (CISO) and is responsible for the enterprise‑wide cybersecurity strategy, governance, and operational security posture. The role oversees the protection of PHI and other sensitive information, ensuring the confidentiality, integrity, and availability of systems across the SVH enterprise. It provides executive leadership for cybersecurity risk management, incident response, security architecture, vendor risk oversight, and regulatory compliance. The position reports directly to the Chief Information Officer and is a key member of the overall technology leadership team, coordinating activities with the Chief Compliance Officer and General Counsel.
Education Qualifications Bachelor’s Degree Required
Experience Qualifications 5 years working in information systems security in a complex environment managing firewalls and other security tools. Required.
2 years experience in a management role in a complex organization. Required.
Skills And Abilities Demonstrated expertise in information security infrastructure, architecture, and controls—including network security, firewalls, endpoint protection, identity and access management, logging, and threat detection technologies. Required proficiency.
Ability to independently lead and prioritize multiple complex initiatives simultaneously, balancing operational demands, strategic objectives, and risk considerations across different stages of execution. Required proficiency.
Proven ability to apply critical thinking and sound judgment to translate business, clinical, and operational needs into effective security strategies and technology solutions, while appropriately managing risk and regulatory considerations. Required proficiency.
Strong financial acumen with the ability to develop, manage, and justify security budgets, evaluate return on investment, and ensure spending aligns with enterprise risk priorities and organizational goals. Required proficiency.
Ability to communicate cybersecurity risks, priorities, and incidents effectively to technical and non‑technical audiences, including executive leadership.
Strong understanding of cybersecurity governance, risk management frameworks, and regulatory requirements applicable to healthcare environments.
Licenses and Certifications Certified Information System Security Professional (CISSP) – IISSCC Required
Equivalent senior‑level security certification (e.g., CISM) Preferred
What you will do Strategic Planning – Develop and execute a strategic approach to information security investments, ensuring the protection of PHI and other sensitive data while strengthening system resilience against phishing, malware, ransomware, and related threats.
Personnel Management – Lead the IT Security Team and collaborate closely with the CIO, Director of IS, IS Engineering Manager, and Helpdesk Manager to ensure Stormont Vail staff effectively manage risk and continuously improve the organization’s security posture.
Risk Management & Governance – Oversee cybersecurity operations and enterprise risk management, including risk assessments, security exception management, and the development and enforcement of enterprise information security policies.
Fiscal Responsibility – Provide budget guidance during the annual planning process and manage security‑related CapEx and OpEx budgets.
Security Operations & Monitoring – Ensure appropriate vendor relationships and tools are in place to monitor SVH security infrastructure 24×7.
Incident Response Planning – Establish and maintain robust incident‑response processes to ensure rapid, coordinated action during security events.
Develop and manage IS Quality of Service measures for IS security to provide transparency on current security risks.
Develop strong partnership with IS Applications, IT Security, and all other technology teams.
Responsible for 24×7x365 IS Security Team.
Monitor industry data to be prepared for new security threats.
Provide education to all organization levels on security risks and appropriate actions to prevent SVH from being impacted by potential threats.
Assist the Project Management team with typical PMO activities such as system security assessment.
Ensure the IS Security Exception process is in place and effectively manages the security risks SVH leadership is willing to accept.
Coordinate with Compliance and Legal on HIPAA/HITECH requirements.
Travel Requirements 5% travel – some remote locations in NE Kansas may require support.
Patient Facing Options Position is not patient facing.
Stormont Vail is an equal opportunity employer and adheres to the philosophy and practice of providing equal opportunities for all employees and prospective employees, without regard to the following classifications: race, color, ethnicity, sex, sexual orientation, gender identity and expression, religion, national origin, citizenship, age, marital status, uniformed service, disability or genetic information. This applies to all aspects of employment practices including hiring, firing, pay, benefits, promotions, lateral movements, job training, and any other terms or conditions of employment.
Retaliation is prohibited against any person who files a claim of discrimination, participates in a discrimination investigation, or otherwise opposes an unlawful employment act based upon the above classifications.
#J-18808-Ljbffr