Ann & Robert H. Lurie Children's Hospital of Chicago
Director Cybersecurity, GRC
Ann & Robert H. Lurie Children's Hospital of Chicago, Chicago, Illinois, United States, 60290
Join to apply for the
Director Cybersecurity, GRC
role at
Ann & Robert H. Lurie Children’s Hospital of Chicago . Ann & Robert H. Lurie Children’s Hospital of Chicago provides superior pediatric care in a setting that offers the latest benefits and innovations in medical technology, research, and family‑friendly design. As the largest pediatric provider in the region with a 140‑year legacy of excellence, kids and their families are at the center of all we do. The hospital is ranked in all 10 specialties by the U.S. News & World Report. Location
680 Lake Shore Drive Job Description
Directs the enterprise Governance, Risk and Compliance (GRC) program, setting strategic vision and ensuring alignment with NIST CSF, PCI DSS, HIPAA, and HITECH. Provides executive‑level leadership in risk management, compliance, policy, and third‑party oversight. Essential Job Functions
Define and execute the organization’s GRC strategy in alignment with business objectives and regulatory requirements. Lead the development, implementation, and oversight of enterprise‑wide GRC programs. Provide expert guidance on risk‑based controls, incident response readiness, and audit preparedness. Oversee security awareness, data protection, and vulnerability management programs. Direct third‑party risk management, including contract security requirements and vendor reviews. Develop and report on GRC metrics for executive and board‑level audiences. Serve as a key liaison for internal and external audits and regulatory inspections. Advise leadership on emerging threats, regulatory changes, and security program maturity. Ensure integration of GRC into business continuity and disaster recovery planning. Represent cybersecurity interests in enterprise initiatives, partnerships, and clinical/research programs. Perform other related duties as assigned. Knowledge, Skills, and Abilities
7–10+ years’ experience in cybersecurity GRC, with at least 3 years in senior leadership. Bachelor’s degree required; Master’s preferred in Information Security, Computer Science, or related field. Deep expertise in NIST CSF, PCI DSS, HIPAA/HITECH and related standards. Proven track record in building and leading GRC programs. Strong executive communication and stakeholder management skills. Relevant certifications (e.g., CISSP, CISM, CISA, CCSP) required. Pay Range
$166,400.00–$274,560.00 Salary Benefits
For full‑time and part‑time employees who work 20 or more hours per week we offer a generous benefits package that includes: Medical, dental and vision insurance Employer paid group term life and disability Employer contribution toward Health Savings Account Flexible Spending Accounts Paid Time Off, Paid Holidays and Paid Parental Leave 403(b) with a 5% employer match Various Voluntary Benefits
Supplemental Life, AD&D and Disability Critical Illness, Accident and Hospital Indemnity coverage Tuition assistance Student loan servicing and support Adoption benefits Backup Childcare and Eldercare Employee Assistance Program, and other specialized behavioral health services and resources for employees and family members Discount on services at Lurie Children’s facilities Discount purchasing program We’re Committed to Diversity
At Lurie Children’s, we embrace and celebrate building a team with a variety of backgrounds, skills, and viewpoints — recognizing that different life experiences strengthen our workplace and the care we provide to the Chicago community and beyond. We treat everyone fairly, appreciate differences, and make meaningful connections that foster belonging. This is a place where you can be your best, so we can give our best to the patients and families who trust us with their care. Lurie Children’s and its affiliates are equal employment opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin, ancestry, age, disability, marital status, pregnancy, protected veteran status, order of protection status, protected genetic information, or any other characteristic protected by law. Support email: candidatesupport@luriechildrens.org
#J-18808-Ljbffr
Director Cybersecurity, GRC
role at
Ann & Robert H. Lurie Children’s Hospital of Chicago . Ann & Robert H. Lurie Children’s Hospital of Chicago provides superior pediatric care in a setting that offers the latest benefits and innovations in medical technology, research, and family‑friendly design. As the largest pediatric provider in the region with a 140‑year legacy of excellence, kids and their families are at the center of all we do. The hospital is ranked in all 10 specialties by the U.S. News & World Report. Location
680 Lake Shore Drive Job Description
Directs the enterprise Governance, Risk and Compliance (GRC) program, setting strategic vision and ensuring alignment with NIST CSF, PCI DSS, HIPAA, and HITECH. Provides executive‑level leadership in risk management, compliance, policy, and third‑party oversight. Essential Job Functions
Define and execute the organization’s GRC strategy in alignment with business objectives and regulatory requirements. Lead the development, implementation, and oversight of enterprise‑wide GRC programs. Provide expert guidance on risk‑based controls, incident response readiness, and audit preparedness. Oversee security awareness, data protection, and vulnerability management programs. Direct third‑party risk management, including contract security requirements and vendor reviews. Develop and report on GRC metrics for executive and board‑level audiences. Serve as a key liaison for internal and external audits and regulatory inspections. Advise leadership on emerging threats, regulatory changes, and security program maturity. Ensure integration of GRC into business continuity and disaster recovery planning. Represent cybersecurity interests in enterprise initiatives, partnerships, and clinical/research programs. Perform other related duties as assigned. Knowledge, Skills, and Abilities
7–10+ years’ experience in cybersecurity GRC, with at least 3 years in senior leadership. Bachelor’s degree required; Master’s preferred in Information Security, Computer Science, or related field. Deep expertise in NIST CSF, PCI DSS, HIPAA/HITECH and related standards. Proven track record in building and leading GRC programs. Strong executive communication and stakeholder management skills. Relevant certifications (e.g., CISSP, CISM, CISA, CCSP) required. Pay Range
$166,400.00–$274,560.00 Salary Benefits
For full‑time and part‑time employees who work 20 or more hours per week we offer a generous benefits package that includes: Medical, dental and vision insurance Employer paid group term life and disability Employer contribution toward Health Savings Account Flexible Spending Accounts Paid Time Off, Paid Holidays and Paid Parental Leave 403(b) with a 5% employer match Various Voluntary Benefits
Supplemental Life, AD&D and Disability Critical Illness, Accident and Hospital Indemnity coverage Tuition assistance Student loan servicing and support Adoption benefits Backup Childcare and Eldercare Employee Assistance Program, and other specialized behavioral health services and resources for employees and family members Discount on services at Lurie Children’s facilities Discount purchasing program We’re Committed to Diversity
At Lurie Children’s, we embrace and celebrate building a team with a variety of backgrounds, skills, and viewpoints — recognizing that different life experiences strengthen our workplace and the care we provide to the Chicago community and beyond. We treat everyone fairly, appreciate differences, and make meaningful connections that foster belonging. This is a place where you can be your best, so we can give our best to the patients and families who trust us with their care. Lurie Children’s and its affiliates are equal employment opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin, ancestry, age, disability, marital status, pregnancy, protected veteran status, order of protection status, protected genetic information, or any other characteristic protected by law. Support email: candidatesupport@luriechildrens.org
#J-18808-Ljbffr