System VP IT Cybersecurity Vigilance and Defense

CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources CommonSpirit is committed to building healthy communities advocating for those who are poor and vulnerable and innovating how and where healing can happen both inside our hospitals and out in the community.

System Vice President of Cyber Vigilance & Defense leads our organization's efforts in safeguarding against cyber threats and ensuring the proactive identification and response to security incidents. In this role, you will oversee a comprehensive cyber defense program encompassing security operations center (SOC), threat intelligence, attack surface management, offensive security operations, cyber hygiene, incident response, forensics, and investigations. The ideal candidate will have extensive experience in cybersecurity leadership roles, with expertise in developing and executing strategies to defend against advanced cyber threats and enhance the organization's cyber resilience. Exceptional leadership, strategic planning, and communication skills are essential, as you will lead a multidisciplinary team and collaborate with stakeholders to mitigate security risks effectively.

**This is a Remote Opportunity**

● Develop and implement a comprehensive cyber defense strategy and roadmap aligned with organizational goals, risk tolerance, and industry best practices.
● Oversee the security operations center (SOC) and oversee 24/7 monitoring, detection, and response to security incidents and threats, ensuring timely and effective incident response.
● Oversee the threat intelligence program, including the collection, analysis, and dissemination of actionable intelligence to support proactive threat detection and response.
● Oversee the attack surface management efforts to assess and reduce the organization's attack surface, including external-facing assets and internal infrastructure, to mitigate security risks.
● Oversee offensive security operations, including penetration testing, red team exercises, and adversary emulation, to identify and address vulnerabilities and security gaps.
● Oversee cyber hygiene initiatives to promote security awareness, best practices, and proactive security measures across the organization.
● Oversee incident response plan including activities, incident detection, containment, eradication and recovery, in collaboration with internal teams and external partners.

● Oversee digital forensics and investigations, including evidence collection, analysis, and preservation, to support incident response and legal proceedings.
● Develop and maintain relationships with external partners, including law enforcement agencies, industry peers, and cybersecurity vendors, to enhance threat intelligence and incident response capabilities.
● Provide strategic guidance and recommendations to senior leadership and stakeholders on cyber vigilance and defense matters, including risk management, resource allocation, and investment priorities.
● Stay informed about emerging cyber threats, vulnerabilities, and industry best practices, and incorporate this knowledge into the development of cyber defense strategies and capabilities.
● Monitor and report on key performance indicators (KPI's) and metrics related to cyber vigilance and defense, demonstrating progress and effectiveness to senior leadership and stakeholders.

Key Competencies:
● Cybersecurity Leadership: Extensive experience in cybersecurity leadership roles, with a proven track record of developing and executing effective cyber defense strategies and programs.
● Strategic Planning: Strong strategic planning skills to develop long-term cyber defense roadmaps aligned with organizational objectives and industry best practices.
● Technical Expertise: Deep understanding of cybersecurity technologies, tools, and techniques across a range of domains, including security operations, threat intelligence, attack surface management, offensive security, and incident response.
● Leadership and Communication: Exceptional leadership, communication, and interpersonal skills, with the ability to inspire and motivate teams and effectively communicate with stakeholders at all levels.
● Problem-Solving Abilities: Strong analytical and problem-solving skills to assess security risks, identify root causes, and develop effective mitigation strategies.
● Collaboration and Teamwork: Ability to collaborate effectively with cross-functional teams and external partners to achieve common goals and objectives in cyber vigilance and defense.
● Compliance and Regulatory Knowledge: Understanding of relevant cybersecurity regulations, compliance standards, and industry frameworks, and the ability to ensure compliance within cyber defense practices.
● Continuous Learning: Commitment to continuous learning and professional development, staying updated on emerging threats, trends, and technologies in cybersecurity.
● Crisis Management: Ability to remain calm and composed under pressure during security incidents, making timely and informed decisions to minimize the impact on the organization.

Required Education and Experience

• Master’s degree in related technical/business areas or equivalent work experience

Required Licensure and Certifications:

• One of the following or similar preferred: CRISC, CISSP, CISM or CISA

Required Minimum Knowledge, Skills, Abilities and Training:

• 15+ years of technical and business experience
• 10+ years Information Technology leadership experience
• 10+ Leadership experience in managing cross-functional teams and influencing at all levels
• Experience building, leading and sustaining high performing teams  
• Experience building and leading strategic programs
• Strong written and verbal communication skills