Chief Information Security Officer (CISO) – IT Director of Security

Location: Spartanburg, SC 

Spartanburg Regional Healthcare System (SRHS) is a nationally recognized healthcare provider offering a full continuum of services to communities in Upstate South Carolina. With a commitment to quality care, innovation, and excellence, SRHS boasts a legacy of more than 100 years of trusted service, supported by a team of dedicated professionals and cutting-edge technology.

We are seeking an experienced and visionary Chief Information Security Officer (CISO) to join our Healthcare IT Team. Reporting directly to the Chief Information Officer (CIO), the CISO will lead our organization’s security efforts to safeguard the confidentiality, integrity, and availability of electronic protected health information (EPHI) and information systems. Serving as the HIPAA Security Officer, this role is instrumental in driving the strategic vision for a robust and adaptive security program.

Key Responsibilities:

Strategic Leadership: Collaborate with the CIO to establish the vision and strategic direction of the organization’s security program, aligning with best practice standards such as HIPAA and HITRUST. Serve as a key advisor to senior leadership on cybersecurity risks and solutions. Team and Budget Management: Lead and manage a team of 14+ IT security professionals, ensuring all projects and initiatives are completed on time and within budget. Foster a collaborative and high-performing team environment. Security Operations: Oversee the design, implementation, and maintenance of information security systems. Proactively identify, assess, and mitigate IT security threats and incidents. Develop and enforce security policies, procedures, and standards. Compliance and Risk Management: Act as the HIPAA Security Officer, ensuring organization-wide adherence to HIPAA requirements. Conduct information security risk assessments and implement mitigation strategies. Collaborate with finance, legal, corporate compliance, operations, and third-party auditors on security-related matters. Awareness and Reporting: Build a culture of security awareness through associate training programs and regular communication. Prepare and deliver detailed reports on IT security issues, risks, and incidents to key stakeholders. Vendor Management: Oversee contractor and vendor security protocols to ensure compliance with organizational standards.

Qualifications:

Education: Bachelor’s degree in Computer Science, Business Administration, or a related field; or equivalent combination of education and experience (required). Master’s degree in Computer Science, Business Administration, or a related field (preferred). Certifications: CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) (required). Experience: Minimum of 10 years of relevant information security experience (required). At least 5 years of IT management experience (required). Healthcare IT experience with a strong understanding of HIPAA regulations (preferred). Skills: Strong leadership and personnel/project management skills. Exceptional analytical and problem-solving abilities. Ability to maintain composure and sound judgment in high-pressure environments. Highly self-motivated, detail-oriented, and directed.

Why Join Spartanburg Regional Healthcare System?

At SRHS, you will be part of a mission-driven organization dedicated to improving the health and wellness of our community. You’ll work with a team of innovative and passionate professionals, leveraging advanced technologies to make a meaningful impact in the ever-evolving field of healthcare IT security.

Be a part of shaping the future of healthcare security at SRHS. Apply today and join us in delivering excellence every day!