<p>The VP & Chief Information Security Officer (CISO) reports to the SVP & Chief Information Officer and is a key member of the IT leadership team. The VP & CISO is responsible for developing, implementing, and maintaining a comprehensive cybersecurity strategy that protects the hospital's information assets, systems, and infrastructure. This includes establishing a multi-year roadmap, overseeing information security architecture, and ensuring regulatory compliance across the organization.</p> <p>The VP & CISO serves as a strategic advisor to executive leadership, the Audit Committee, and the Board of Trustees, effectively communicating risks and advocating for best practices in information security. This role will lead a dedicated security team and partner closely with cross-functional teams within a federated IT environment. This will include direct oversight of cybersecurity operations, incident response, governance, third-party risk management, and information security awareness programs.</p> <p>This is a strategic leadership role for a highly collaborative, service-driven, and visionary security professional. The ideal candidate will be an innovative thinker who balances risk with operational needs and who is passionate about protecting sensitive data in a mission-driven environment.</p> <p>This VP & CISO will:</p> <ul> <li>Contribute to departmental goals, ensuring adherence to policies, procedures, quality, safety, and regulatory compliance. </li><li>Build credibility with senior leadership, clinicians, and staff by providing informed leadership and participating in IT Governance and prioritization. </li><li>Partner with CIO, CTO, and VP of Applications to define IT strategy aligned with the organizational and IT strategic plans. </li><li>Evaluate IT changes for security risks; advises leadership on balancing security with usability to support BCH's mission. </li><li>Lead development and enforcement of enterprise information security policies, procedures, and programs. </li><li>Define and drives a long-term security strategy and program to safeguard BCH's information assets. </li><li>Manage vendor relationships, resolves issues, and oversees vendor/third-party risk management processes. </li><li>Lead security-related due diligence and integration for M&A activities. </li><li>Collaborate across disciplines to ensure cybersecurity policies and standards are applied consistently. </li><li>Support business technology planning with current insights and future-state vision. </li><li>Ensure processes are in place for budgeting and lifecycle planning of strategic and tactical initiatives. </li></ul> <p>Qualifications:</p> <ul> <li>BA degree in a STEM discipline required; MA degree preferred. </li><li>CISSP, CISM, or CISA certification required; CSM/CSPO preferred. </li><li>10+ years of IT or business leadership, with at least 5 years in a cybersecurity leadership role. </li><li>Experience in academic and healthcare industries preferred. </li><li>Extensive experience in security, regulatory compliance, and external audits. </li><li>Strong management, analytical, and communication skills; effective with clients and senior leadership. </li><li>Ability to evangelize IT security as essential to business operations; build trust and respect for security function. </li><li>Innovative leader skilled at motivating cross-functional, interdisciplinary teams. </li><li>In-depth knowledge of business risk, risk assessment, and risk-based decision-making. </li><li>Expertise in frameworks and standards: ISO 27001/27002, NIST, SANS-CAG, COBIT, COSO, ITIL, etc. </li><li>Well-versed in legal/regulatory requirements (PCI, HIPAA, FERPA, HI-TRUST, NIST). </li><li>Strong understanding of security impacts of cloud, SaaS, and IoT architectures. </li><li>Broad technical knowledge: OSI model, infrastructure, app dev, networks, enterprise architecture, etc. </li><li>Hands-on experience with security technologies: firewalls, IDS, encryption, IAM, MFA, anti-malware, etc. </li><li>Natural influencer and coalition builder; passionate about building high-performing teams. </li></ul> <p>Boston Children's Hospital offers competitive compensation and unmatched benefits</p>