Chief Information Security Officer (CISO) - Saviance Technologies

Job Title: Chief Information Security Officer (CISO)

Location: Houston, TX (On-Site)

Type: Full-Time

About Us:

Our Client is a leading provider specializing in laboratory testing services, dedicated to delivering accurate, timely, and high-quality diagnostic results. Their commitment to innovation and excellence is paired with a steadfast focus on patient care and confidentiality. To maintain our high standards and ensure the security of sensitive patient information, we are seeking a dynamic and experienced Chief Information Security Officer (CISO) to join our leadership team in Houston, TX.

Role Overview:

As the CISO, you will be responsible for establishing and maintaining the enterprise-wide information security vision, strategy, and program. You will oversee the protection of sensitive healthcare and laboratory data, ensuring compliance with all relevant regulations (e.g., HIPAA, HITECH, and GDPR). Reporting directly to the CIO (or CEO), you will collaborate with leadership, IT teams, and external stakeholders to safeguard the organization against emerging cyber threats.

Key Responsibilities:

Strategic Leadership:

• Develop and implement a comprehensive information security strategy aligned with the organization's goals.
• Lead the security governance program to protect sensitive patient, laboratory, and organizational data.

Risk Management:

• Conduct regular risk assessments and vulnerability analyses of systems, networks, and applications.
• Develop risk mitigation strategies and ensure effective incident response plans are in place.

Regulatory Compliance:

• Ensure compliance with healthcare-specific regulations such as HIPAA, HITECH, and CLIA.
• Stay updated on global and regional data protection laws and ensure compliance with applicable standards (e.g., GDPR, PCI-DSS).

Technology and Operations:

• Oversee the implementation of advanced cybersecurity technologies, including data encryption, endpoint protection, and SIEM solutions.
• Evaluate and manage third-party security tools, including those supporting laboratory operations.
• Ensure secure integration of laboratory information management systems (LIMS) with other healthcare systems.

Incident Management:

• Establish and lead a robust incident detection and response framework.
• Oversee investigations and coordinate remediation for any security breaches or incidents.

Collaboration and Communication:

• Provide regular updates to executive leadership on the state of the organization's cybersecurity posture.
• Partner with IT, compliance, legal, and clinical teams to align security initiatives with operational goals.

Qualifications:

Education:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Advanced degree (e.g., MBA, MS in Cybersecurity) is a plus.

Experience:

• Minimum of 10 years of progressive experience in information security, with at least 5 years in a leadership role.
• Experience in the healthcare industry, particularly in laboratory testing, is strongly preferred.
• Proven track record of managing cybersecurity in highly regulated environments.

Certifications:

• CISSP, CISM, or equivalent certifications required.
• CRISC, CEH, or healthcare-specific certifications (e.g., HCISPP) are a plus.

Skills:

• In-depth knowledge of healthcare-specific regulations (e.g., HIPAA, HITECH).
• Expertise in cybersecurity frameworks (e.g., NIST CSF, ISO 27001).
• Strong leadership and communication skills, with the ability to present complex security concepts to non-technical stakeholders.
• Experience in securing cloud environments, mobile devices, and remote work infrastructures.