<p>Job Requirements</p> <p>POSITION SUMMARY</p> <p>The Principal Cyber Security Delivery Lead is critical to the mission of protecting and enforcing safeguards for sensitive patient data to ensure dependable and constant regulatory compliance standards, while enabling for a secure digital transformation across Health First's Integrated Delivery Network (IDN). Under the direction of the Director of Information Technology (IT) Planning & Governance, while collaborating with the Vice President, Chief Information Security Office, the Principal Cyber Security Delivery Lead develops and implements architectures for clinical and administrative systems environments, ensuring overall operational security, while overseeing the delivery of essential Cyber Security service teams. The Principal Cyber Security Service Lead works to merge strategic security architecture, with a hands-on service deliver guidance to promote and support the overall cyber wellness across the IDN.</p> <p>PRIMARY ACCOUNTABILITES</p> <ul> <li>Develops, implements, and maintains secure architecture frameworks to enterprise systems, cloud platforms, critical infrastructure and security reference architectures and systems aligned with regulatory requirements, and Health First's mission and vision. </li><li>Leads and evaluates design reviews, threat modeling, and risk assessment for major technology projects such as implementations, noting opportunities for improvement to mitigate risk factors. </li><li>Serves as an advisor to IT, Clinical, Administrative, and Compliance stakeholders to embed security initiatives into the development of systems, ensuring alignment with the IDNs workflows. </li><li>Directs the execution and implementation of Cybersecurity projects, coordinating applicable teams as needed to ensure the succession of projects, ensuring alignment from all stakeholders, while defining Service Level Objectives (SLOs) and Key Performance Indicators (KPIs) and metrics to ensure the effectiveness of all cybersecurity services post-delivery. </li><li>Oversees and reviews the continuous supply of cybersecurity provisions such as Identity and Access Management (IAM), Vulnerability Management, Incident Response, and Security Monitoring to ensure a consistent workflow and delivery of services to the IDN. </li><li>Partners with IT, Clinical and Administrative operations, Compliance to integrate security into vital workflows and technologies </li><li>Acts as a point of escalation for technical and operational cybersecurity issues or incidents, providing expert assistance, driving for a swift resolution in efforts to mitigate gaps in service. </li><li>Conducts research and evaluations on emerging technologies, applications, tools, and platforms from a cybersecurity lens, often recommending adoption paths, while continuously offering optimization solutions to meet Health First's and all regulatory evolving needs. </li></ul> <p>Work Experience</p> <p>MINIMUM QUALIFICATIONS</p> <p>Education: Bachelor's degree in Computer Science, Information Technology, Engineering, or relevant field.</p> <p>Work Experience: Seven (7) years' experience in cyber security with at least five (5) of those years leading others in projects.</p> <p>Licensure: None</p> <p>Certification: Any one of the following within twelve (12) months of start date and maintained:</p> <ul> <li>(CISSP) OR </li><li>(CISM) OR </li><li>Related similar expert-level certification. </li></ul> <p>Skills/Knowledge/Abilities:</p> <ul> <li>Proficient in Microsoft Office - Outlook, Word, Excel, PowerPoint, etc. </li><li>Proven expertise across multiple domains such as network security, cloud security (AWS, Azure, GCP), IAM, and data protection. </li><li>Strong knowledge of security frameworks (NIST, CIS, ISO 27001) and regulatory requirements (GDPR, HIPAA, PCI, etc.). </li><li>Strong understanding of risk management practices and the ability to translate technical risk into business impact. </li><li>Demonstrated success in leading the delivery of complex security solutions and services. </li><li>Ability to motivate and lead others through projects and implementations. </li><li>Excellent communication and stakeholder engagement skills, with the ability to influence at all levels. </li></ul> <p>PREFERRED QUALIFICATIONS</p> <p>Education: Master's degree in Computer Science, Information Technology, or Engineering.</p> <p>Work Experience:</p> <ul> <li>Three (3) years' experience in a principal architecture related role. </li><li>Previous experience with NISF CSF and HIPAA. </li><li>Skills/Knowledge/Abilities: Familiarity with modern security technologies and platforms, including SIEM, SOAR, EDR, CASB, and Zero Trust architectures. </li></ul> <p>PHYSICAL REQUIREMENTS</p> <ul> <li>Majority of time involves sitting or standing; occasional walking, bending, and stooping. </li><li>Long periods of computer time or at workstation. </li><li>Light work that may include lifting or moving objects up to 20 pounds with or without assistance. </li><li>May be exposed to inside environments with varied temperatures, air quality, lighting and/or low to moderate noise. </li><li>Communicating with others to exchange information. </li><li>Visual acuity and hand-eye coordination to perform tasks. </li><li>Workspace may vary from open to confined. </li><li>May require travel to various facilities within and beyond county perimeter; may require use of personal vehicle. </li></ul> <p>Benefits</p> <p>ABOUT HEALTH FIRST</p> <p>At Health First, diversity and inclusion are essential for our continued growth and evolution. Working together, we strive to build and nurture a culture that recognizes, encourages, and respects the diverse voices of our associates. We know through experience that different ideas, perspectives, and backgrounds create a stronger and more collaborative work environment that delivers better results. As an organization, it fuels our innovation and connects us closer to our associates, customers, and the communities we serve.</p> <p>Schedule : Full-Time</p>