As a part of the Tenet and Catholic Health Initiatives family, Conifer Health brings 30 years of healthcare industry expertise to clients in more than 135 local regions nationwide. We help our clients strengthen their financial and clinical performance, serve their communities and succeed at the business of healthcare. Conifer Health helps organizations transition from volume to value-based care, enhance the consumer and patient healthcare experience and improve quality, cost and access to healthcare. Are you ready to be part of our solutions? Welcome to the company that gives you the resources and incentives to redefine healthcare services, with a competitive benefits package and leadership to take your career to the next step!
Description As Coniferâ��s Chief Information Security Officer, you will oversee the Information Security Program, to identify and safeguard the organization from all known and emerging information and data security risks, in collaboration with the Information Technology, Compliance, Human Resources, and Legal teams. You will have overall responsibility for both the staff and management processes that protect our organizationâ��s data from the ever-present threats that insecure and dangerous technology hackers create. You will be ultimately responsible for overseeing our current Data, IT and Information Security, any new software or hardware modifications and implementing new security protocols to be used by the organization to secure all forms of data and technology that could impact upon overall data security.
Responsibilities Define scope of responsibility for the Company â�¢ Understand the scope of each Business Lineâ��s portfolio & services, client landscape, and assets managed by Businesses. â�¢ Implement Cybersecurity single point of contacts throughout the organization. â�¢ Develop the companyâ��s cybersecurity budget and propose business financial cases to present for the annual budgeting process. â�¢ Responsibly manage the companyâ��s cybersecurity budget by meeting financial targets. â�¢ Act as a Cybersecurity consultant to the Company and its affiliates. â�¢ Ensure coordination and alignment with information security counterparts who support Coniferâ��s clients.
Implement a comprehensive Information Security Program Serve as the organizational subject-matter expert on cybersecurity â�¢ Develop and implement a comprehensive Information Security Program across the company. â�¢ Ensure alignment with Coniferâ��s Ethics and Compliance Program (e.g., incident management, escalation, procedure development, communication, education, etc.) â�¢ Implement appropriate information security policies and controls â�¢ Conduct and support program gap analyses and implement controls to address gaps â�¢ Manage (or monitor) the Cybersecurity audits and risk assessments requested by Customers/Clients â�¢ In collaboration with organizational leaders, make recommendations for appropriate remediation and monitor status of plan completion â�¢ Define and monitor cybersecurity KPIs for the Company â�¢ In collaboration with Human Resources and Compliance, develop and maintain appropriate security protocols and relevant disciplinary actions (e..g, onboarding and off-boarding protocols, initial and refresher training, etc.) â�¢ Develop secure software development principles for the technology team and ensure its compliance â�¢ Ensure consistency of practice across all company locations, both on- and off-shore
Promote a culture of cybersecurity awareness â�¢ In coordination with Human Resource and Compliance, define and establish a Cybersecurity training program for relevant resources and employees based on policies and guidelines â�¢ Promote a culture of security integration and responsibility throughout the organization â�¢ Ensure that each of the business teams responsible for their work receive adequate training to keep data security in the forefront of their minds. This includes providing both general and role-based training where warranted.
Assess, monitor, and proactively mitigate known and emerging Cybersecurity Risks â�¢ Perform routine risk assessments for Company applications, digital services, infrastructure, and business delivery â�¢ Stay abreast of the latest security technologies, trends, and threats to assist in management of the companyâ��s protection model â�¢ Maintain a dynamic threat assessment report based on Industry threats, trends, infrastructure, applications, critical services, and regulatory requirements â�¢ Actively monitor the Company environment for potential threats and enact appropriate mitigation measures â�¢ Design, build and integrate relevant Cybersecurity solutions and processes to protect the Company and our clients â�¢ Establish cybersecurity maturity model targets and programs to assist the company in reaching a level of maturity and protection commensurate with the business and industry. â�¢ Develop and implement a Data Loss Prevention Program to protect the Companyâ��s Intellectual Property and client information. â�¢ Identify, produce and implement software tools and technologies that will prevent data security threats to the company for internal and external forces.
Identify, manage, and remediate security incidents â�¢ In coordination with the Compliance team, serve as an escalation point for Company security incidents â�¢ Act as a Liaison with applicable state and federal agencies during security incidents â�¢ Establish a Cybersecurity Incident Response Program for appropriate management of security incidents. â�¢ In coordination with the Privacy Officer, ensure appropriate monitoring of physical security controls. â�¢ Lead remediation activities for security incidents. â�¢ Perform Root Cause Analyses for incidents, including short and long-term mitigation actions to prevent recurrences. â�¢ Represent the organization during the security-related crisis communication process. â�¢ Identify external forensic services for use as required for security incident investigations.
Establish escalation and reporting mechanisms to senior leadership â�¢ Function as the cybersecurity risk owner as part of the organizationâ��s enterprise risk management process â�¢ Escalate significant security incidents to senior leadership. â�¢ Function as a liaison between Company executives and the business organization for all security initiatives or concerns.
Expected certifications and Education â�¢ Bachelorâ��s Degree in computer science, computer engineering, cybersecurity, digital forensics or related field required; Masterâ��s Degree preferred â�¢ 7-10 years of progressive IT experience and demonstrated experience in cybersecurity specifically â�¢ Required: Certified Information System Security Professional (CISSP) â�¢ Preferred: Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM); Certified Chief Information Security Officer (CCISO); ISO / IEC 27001 Lead Implementer or Auditor
Expected skills â�¢ Executive presence â�¢ Team building and leadership â�¢ Strong written and verbal communications â�¢ Security Technologist â�¢ Decisive â�¢ Calm and confident under pressure
Core behaviors: â�¢ Client Value & Service Excellence â�¢ Collaboration â�¢ Continuous learning & self-development â�¢ Diversity â�¢ Flexibility â�¢ Initiative â�¢ Professional Integrity â�¢ Resilience â�¢ Nimble
Job: Conifer Health Solutions
Primary Location: Frisco, Texas
Job Type: Full-time
Shift Type: Days
Employment practices will not be influenced or affected by an applicantâ��s or employeeâ��s race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information, sexual orientation, gender identity or expression, veteran status or any other legally protected status. Tenet will make reasonable accommodations for qualified individuals with disabilities unless doing so would result in an undue hardship.
Internal Number: 2105026878
About Conifer Health Solutions
Tenet Healthcare Corporation (NYSE: THC) is a diversified healthcare services company headquartered in Dallas with 112,000 employees. Through an expansive care network that includes United Surgical Partners International, we operate 65 hospitals and approximately 510 other healthcare facilities, including surgical hospitals, ambulatory surgery centers, urgent care and imaging centers and other care sites and clinics. We also operate Conifer Health Solutions, which provides revenue cycle management and value-based care services to hospitals, health systems, physician practices, employers and other clients. Across the Tenet enterprise, we are united by our mission to deliver quality, compassionate care in the communities we serve.