CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources CommonSpirit is committed to building healthy communities advocating for those who are poor and vulnerable and innovating how and where healing can happen both inside our hospitals and out in the community.

While you're busy impacting the healthcare industry, we'll take care of you with benefits that include:
Medical/Dental/Vision, FSA, Dependent Care Spending Account, Life Insurance, Short and Long-term Disability, 401k match, Paid Time Off, Wellness Program, Tuition Reimbursement, Accidental Insurance, Critical Illness Insurance, Identity Theft Protection, Employee Assistance Program, and more!

This role supports CommonSpirit facilities on site in the Utah, Kansas and Colorado markets, where the incumbent will reside.

Job Summary / Purpose

The Region Cybersecurity Officer (RCO) is aligned to a region or service line (“region”) and is the face of Cybersecurity in the field, ensures CommonSpirit Cybersecurity requirements are in place and partners throughout the region to enable secure solutions in line with National strategies.  The ideal candidate will have a strong background in cybersecurity, with excellent leadership, communication, and problem-solving skills.  

Essential Job Responsibilities 

• Lead the strategic delivery, standardization and maturity of services in line with National strategy across assigned region including: 

• Cybersecurity Risk Assessments - Conduct security region rounding (including physical and environmental controls), ad-hoc assessments and participate in national assessments supporting region solutions.
• Cybersecurity Policy Exceptions Process - Support the national Policy Exception Process for region requests and processing.  
• System Patching Oversight - Serve as a point of escalation for region patching compliance and support for gaps in the patching program.
• Third Party Assessment Support - Support Security Risk Assessments for CommonSpirit vendors and third party requests for CommonSpirit to complete security questionnaires
• Cybersecurity Guidance - Provide general and project specific guidance to the region on cybersecurity policies and standards.  
• Regulatory Compliance Support - Support region compliance with HIPAA, PCI DSS, Promoting Interoperability and other regulations as identified.  Serve as a key resource for medical staff, employees and leadership for regulatory guidance and audit support.  
• Cybersecurity Incident Support - Manage region security incidents and support national incidents with region applicability (includes physical security incidents impacting technology and/or confidential information).  
• Audit Support - Participate in security audits including assisting with development of corrective action plans and overseeing implementation.
• Remediation Tracking and Validation -Support National with past due or non-responsive region remediation (aka corrective action plans or CAPs).
• Cybersecurity Awareness Training - Oversees implementation of cybersecurity awareness training within the region and helps coordinate distribution of materials at facilitates.
• Actively and purposefully aligns with other regions and the National Cyber Program through dotted line reporting into the National Director of Regional Cybersecurity Alignment and Enablement. 

Required Education and Experience

• Bachelor’s degree in related technical/business areas or equivalent work experience.
• One of the following or similar preferred: CRISC, CISSP, CISM or CISA
• 7+ years of technical and business experience
• 5+ years Information Technology leadership experience
• 5+ Leadership experience in leading through influence at all levels 
• Experience building and leading strategic programs