Covenant Health
Overview
Director of Cybersecurity, IT Cybersecurity at Covenant Health. Full-Time, Day Shift, 80 hours per pay period. Covenant Health Overview: Covenant Health is the region’s top-performing healthcare network with 10 hospitals, outpatient and specialty services, and Covenant Medical Group. Headquartered in Knoxville, Covenant Health is a community-owned integrated healthcare delivery system and the area’s largest employer. Position Summary
The Director of Cybersecurity reports to the Chief Information Security Officer (CISO) and is responsible for overseeing cybersecurity operations and strategy within Covenant Health. This role ensures Confidentiality, Integrity, and Availability of information assets, particularly sensitive data (PHI). This role also involves setting the vision and direction for cybersecurity services, implementing standards and security policies that are maintained, and managing technical implementation projects. The Director of Cybersecurity has financial and budgetary responsibilities, manages a wide range of vendors and external partners, and personnel management within the cybersecurity area. This position leads and ensures performance management and career development for an extended team of cybersecurity professionals. The role also involves developing strategic cybersecurity roadmaps and collaborating with other IT and clinical technology teams within the health system to secure sensitive data and ensure compliance with HIPAA regulations. Recruiter
Susanna Mcguinn || apply@covhlth.com Responsibilities
Leadership
Direct and provide leadership to all cybersecurity staff, including Security Analysts, Incident Responders, and Compliance Specialists Change Agent
Support and lead efforts to change team cultures, dynamics, processes, and technologies that provide modern solutions to the organization Team Management
Lead cybersecurity management team to ensure performance management and career development. Provide technical leadership and direction, delegate responsibilities appropriately, and identify management development opportunities Staff Development
Provide leadership, development, coaching, and guidance to ensure the appropriate departmental developmental goals are set and achieved Ongoing Continuous Development
Champion innovative efforts and stay abreast of leading-edge solutions for recruitment, development, and retention of the cybersecurity workforce Cybersecurity Operations
Operations Oversight
Oversee the day-to-day operations of cybersecurity measures, including monitoring, detection, and response to security incidents Incident Response
Lead the incident response team in managing and resolving security breaches and incidents Compliance
Ensure compliance with HIPAA and other relevant regulations and standards Technical Implementation
Lead technical implementation projects related to cybersecurity, creating plans and strategies to meet the needs of the organization Continuous Improvement
Stay informed about emerging technologies and industry trends, making recommendations for improvement Strategic Planning & Implementation
Strategic Planning
Develop and maintain strategic cybersecurity roadmaps, provide tactical action plans, and ensure optimum planning of cybersecurity projects and resources Resource Planning
Conduct proactive resource planning based on anticipated demand Milestone Establishment
Establish deliverables and projected milestones for solution delivery in partnership with business leaders and Senior Executives Technical Roadmap
Lead the development of cybersecurity strategies and technical roadmap, ensuring integration with overall IT and organizational strategies Vendor & Budget Management
Vendor Management
Manage relationships with cybersecurity vendors, ensuring contracts and agreements are in place and vendor performance meets standards Budget Management
Develop annual operating budgets and long-term capital budgets for cybersecurity projects Operational Efficiency
Performance Monitoring
Monitor network and systems performance, ensuring availability and reliability; perform capacity planning Service Management
Oversee operational and service management processes to ensure performance of all technology subcontractors Collaboration & Relationship Building
Collaboration
Collaborate with other IT teams and clinical IT teams to ensure alignment and integration of cybersecurity services within the health system Relationship Building
Develop relationships with key business leaders to identify service gaps and propose solutions. Maintain credibility with key individuals at hospitals and corporate offices, along with Legal, HR, and Privacy/Compliance Security Awareness and Training Programs
Training Programs
Develop and implement security awareness and training programs for employees to ensure they understand and adhere to cybersecurity policies and procedures Third-Party Risk Management
Risk Management
Oversee the assessment and management of cybersecurity risks associated with third-party vendors, partners, and bio-medical devices Policy Development and Enforcement
Policy Development
Develop, implement, and enforce cybersecurity policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices Security Architecture and Design
Architecture and Design
Lead the design and implementation of secure network architectures and systems to protect sensitive data and ensure the integrity of IT infrastructure Incident Management and Forensics
Incident Management
Oversee incident management and forensic investigations to identify root causes, mitigate risks, and prevent future incidents Regulatory Compliance
Regulatory Compliance
Ensure compliance with HIPAA, HITECH, and other healthcare-specific cybersecurity requirements Business Continuity and Disaster Recovery
Continuity and Recovery
Develop and maintain business continuity and disaster recovery plans to ensure the organization can quickly recover from cybersecurity incidents Other Responsibilities
Local Travel Required for the role Other Duties Perform other related duties as assigned Education
None specified; will accept any combination of formal education and/or prior work experience sufficient to demonstrate possession of the knowledge, skill and ability needed to perform the essential tasks of the job, typically such as would be equivalent to a Bachelor’s degree. Preference may be given to individuals possessing a Bachelor’s degree in Cybersecurity, Information Technology or a directly-related field from an accredited college or university. Experience
Minimum of 7 years of leadership experience in cybersecurity within an enterprise-sized IT organization is required. Licensure
Employee must have a valid Tennessee driver’s license and state mandated minimum insurance coverage. Driving record must meet Covenant Health minimum standards at the date of hire and throughout employment tenure. Seniority level
Director Employment type
Full-time Job function
Engineering and Information Technology Industries Hospitals and Health Care
#J-18808-Ljbffr
Director of Cybersecurity, IT Cybersecurity at Covenant Health. Full-Time, Day Shift, 80 hours per pay period. Covenant Health Overview: Covenant Health is the region’s top-performing healthcare network with 10 hospitals, outpatient and specialty services, and Covenant Medical Group. Headquartered in Knoxville, Covenant Health is a community-owned integrated healthcare delivery system and the area’s largest employer. Position Summary
The Director of Cybersecurity reports to the Chief Information Security Officer (CISO) and is responsible for overseeing cybersecurity operations and strategy within Covenant Health. This role ensures Confidentiality, Integrity, and Availability of information assets, particularly sensitive data (PHI). This role also involves setting the vision and direction for cybersecurity services, implementing standards and security policies that are maintained, and managing technical implementation projects. The Director of Cybersecurity has financial and budgetary responsibilities, manages a wide range of vendors and external partners, and personnel management within the cybersecurity area. This position leads and ensures performance management and career development for an extended team of cybersecurity professionals. The role also involves developing strategic cybersecurity roadmaps and collaborating with other IT and clinical technology teams within the health system to secure sensitive data and ensure compliance with HIPAA regulations. Recruiter
Susanna Mcguinn || apply@covhlth.com Responsibilities
Leadership
Direct and provide leadership to all cybersecurity staff, including Security Analysts, Incident Responders, and Compliance Specialists Change Agent
Support and lead efforts to change team cultures, dynamics, processes, and technologies that provide modern solutions to the organization Team Management
Lead cybersecurity management team to ensure performance management and career development. Provide technical leadership and direction, delegate responsibilities appropriately, and identify management development opportunities Staff Development
Provide leadership, development, coaching, and guidance to ensure the appropriate departmental developmental goals are set and achieved Ongoing Continuous Development
Champion innovative efforts and stay abreast of leading-edge solutions for recruitment, development, and retention of the cybersecurity workforce Cybersecurity Operations
Operations Oversight
Oversee the day-to-day operations of cybersecurity measures, including monitoring, detection, and response to security incidents Incident Response
Lead the incident response team in managing and resolving security breaches and incidents Compliance
Ensure compliance with HIPAA and other relevant regulations and standards Technical Implementation
Lead technical implementation projects related to cybersecurity, creating plans and strategies to meet the needs of the organization Continuous Improvement
Stay informed about emerging technologies and industry trends, making recommendations for improvement Strategic Planning & Implementation
Strategic Planning
Develop and maintain strategic cybersecurity roadmaps, provide tactical action plans, and ensure optimum planning of cybersecurity projects and resources Resource Planning
Conduct proactive resource planning based on anticipated demand Milestone Establishment
Establish deliverables and projected milestones for solution delivery in partnership with business leaders and Senior Executives Technical Roadmap
Lead the development of cybersecurity strategies and technical roadmap, ensuring integration with overall IT and organizational strategies Vendor & Budget Management
Vendor Management
Manage relationships with cybersecurity vendors, ensuring contracts and agreements are in place and vendor performance meets standards Budget Management
Develop annual operating budgets and long-term capital budgets for cybersecurity projects Operational Efficiency
Performance Monitoring
Monitor network and systems performance, ensuring availability and reliability; perform capacity planning Service Management
Oversee operational and service management processes to ensure performance of all technology subcontractors Collaboration & Relationship Building
Collaboration
Collaborate with other IT teams and clinical IT teams to ensure alignment and integration of cybersecurity services within the health system Relationship Building
Develop relationships with key business leaders to identify service gaps and propose solutions. Maintain credibility with key individuals at hospitals and corporate offices, along with Legal, HR, and Privacy/Compliance Security Awareness and Training Programs
Training Programs
Develop and implement security awareness and training programs for employees to ensure they understand and adhere to cybersecurity policies and procedures Third-Party Risk Management
Risk Management
Oversee the assessment and management of cybersecurity risks associated with third-party vendors, partners, and bio-medical devices Policy Development and Enforcement
Policy Development
Develop, implement, and enforce cybersecurity policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices Security Architecture and Design
Architecture and Design
Lead the design and implementation of secure network architectures and systems to protect sensitive data and ensure the integrity of IT infrastructure Incident Management and Forensics
Incident Management
Oversee incident management and forensic investigations to identify root causes, mitigate risks, and prevent future incidents Regulatory Compliance
Regulatory Compliance
Ensure compliance with HIPAA, HITECH, and other healthcare-specific cybersecurity requirements Business Continuity and Disaster Recovery
Continuity and Recovery
Develop and maintain business continuity and disaster recovery plans to ensure the organization can quickly recover from cybersecurity incidents Other Responsibilities
Local Travel Required for the role Other Duties Perform other related duties as assigned Education
None specified; will accept any combination of formal education and/or prior work experience sufficient to demonstrate possession of the knowledge, skill and ability needed to perform the essential tasks of the job, typically such as would be equivalent to a Bachelor’s degree. Preference may be given to individuals possessing a Bachelor’s degree in Cybersecurity, Information Technology or a directly-related field from an accredited college or university. Experience
Minimum of 7 years of leadership experience in cybersecurity within an enterprise-sized IT organization is required. Licensure
Employee must have a valid Tennessee driver’s license and state mandated minimum insurance coverage. Driving record must meet Covenant Health minimum standards at the date of hire and throughout employment tenure. Seniority level
Director Employment type
Full-time Job function
Engineering and Information Technology Industries Hospitals and Health Care
#J-18808-Ljbffr