Overall responsibilities:
· Recruit, develop, train, and retain staff ensuring they have the skills and tools to do their job.
· Monitor and continuously improve processes to ensure the organization’s objectives are being met.
· Measure performance and use that information to develop your team and processes.
· Provide strategic vision and leadership for the development, advancement, and support of Stamford Health’s cybersecurity program leveraging the NIST Framework.
· Measure and report on all cybersecurity activity to ensure visibility into effectiveness and overall impact on business operations and communicate risk to executive leadership.
· Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for information security administration, adoption and use of technology and infrastructure including Artificial Intelligence (AI).
· Implement and promote awareness with ongoing training and remediation to ensure a culture of strong information security including yearly tabletop exercises.
· Collaborate with our Business Continuity team on enterprise-wide disaster recovery and business continuity plans, procedures, audits, enhancements, and recurring testing, including emergency preparedness.
· Ensures role-based access rights based on the minimum necessary rule for access to PHI and clinical systems as well as financial controls.
· Work with Stamford Health leadership, the Corporate Compliance and Privacy Officer to establish and maintain a culture of compliance and cyber security policies.
· Oversee the planning and implementation of enterprise IT systems, business operations, and facility defenses against security breaches and vulnerability issues.
· Monitor all project, request and incident throughput of the team to ensure SLAs are met.
· Perform regular system and infrastructure audits/reviews to ensure proper administration of security policies, activities, and standards.