Job Specifications
Overview
Director of Cybersecurity , IT Cybersecurity
Full-Time, Day Shift, 80 hours per pay period
Covenant Health Overview
Covenant Health is the region’s top-performing healthcare network with 10 hospitals , outpatient and specialty services , and Covenant Medical Group , our area’s fastest-growing physician practice division. Headquartered in Knoxville, Covenant Health is a community-owned integrated healthcare delivery system and the area’s largest employer. Our more than 11,000 employees, volunteers, and 1,500 affiliated physicians are dedicated to improving the quality of life for the more than two million patients and families we serve every year. Covenant Health is the only healthcare system in East Tennessee to be named a Forbes “Best Employer” seven times.
Position Summary
The Director of Cybersecurity reports to the Chief Information Security Officer (CISO) and is responsible for overseeing cybersecurity operations and strategy within Covenant Health. This role ensures Confidentiality, Integrity, and Availability of information assets, particularly sensitive data (PHI). This role also involves setting the vision and direction for cybersecurity services, implementing standards and security policies that are maintained, and managing technical implementation projects. The Director of Cybersecurity has financial and budgetary responsibilities, manages a wide range of vendors and external partners, and personnel management within the cybersecurity area. This position leads and ensures performance management and career development for an extended team of cybersecurity professionals. The role also involves developing strategic cybersecurity roadmaps and collaborating with other IT and clinical technology teams within the health system to secure sensitive data and ensure compliance with HIPAA regulations.
Recruiter: Susanna Mcguinn || apply@covhlth.com
Responsibilities
Leadership & Team Management
Leadership: Direct and provide leadership to all cybersecurity staff, including Security Analysts, Incident Responders, and Compliance Specialists
Change Agent: Support and lead the efforts to change team cultures, dynamics, processes, and technologies that provide modern solutions to the organization
Team Management: Lead cybersecurity management team to ensure performance management and career development. Provide technical leadership and direction, delegate responsibilities appropriately, and identify management development opportunities
Staff Development: Provide leadership, development, coaching, and guidance to ensure the appropriate departmental developmental goals are set and achieved
Ongoing Continuous Development: Champion innovative efforts and stay abreast of leading-edge solutions for recruitment, development, and retention of the cybersecurity workforce
Cybersecurity Operations
Operations Oversight: Oversee the day-to-day operations of cybersecurity measures, including monitoring, detection, and response to security incidents
Incident Response: Lead the incident response team in managing and resolving security breaches and incidents
Compliance: Ensure compliance with HIPAA and other relevant regulations and standards
Technical Implementation: Lead technical implementation projects related to cybersecurity, creating plans and strategies to meet the needs of the organization
Continuous Improvement: Stay informed about emerging technologies and industry trends, making recommendations for improvement
Strategic Planning & Implementation
Strategic Planning: Develop and maintain strategic cybersecurity roadmaps, provide tactical action plans, and ensure optimum planning of cybersecurity projects and resources
Resource Planning: Conduct proactive resource planning based on anticipated demand
Milestone Establishment: Establish deliverables and projected milestones for solution delivery in partnership with business leaders and Senior Executives
Technical Roadmap: Lead the development of cybersecurity strategies and technical roadmap, ensuring integration with overall IT and organizational strategies
Vendor & Budget Management
Vendor Management: Manage relationships with cybersecurity vendors, ensuring that contracts and agreements are in place and that vendor performance meets organizational standards
Budget Management: Develop annual operating budgets and long-term capital budgets for cybersecurity projects
Operational Efficiency
Performance Monitoring: Monitor network and systems performance, ensuring availability and reliability. Perform capacity planning
Service Management: Oversee operational and service management processes to ensure performance of all technology subcontractors
Collaboration & Relationship Building
Collaboration: Collaborate with other IT teams and clinical IT teams to ensure alignment and integration of cybersecurity services within the health system
Relationship Building: Develop relationships with key business leaders to identify service gaps and propose soluti
About the Company
Covenant Health is a not-for-profit, locally owned integrated healthcare enterprise with a mission to improve the quality of life in our communities through better health. Covenant Health serves a 25-county region of Tennessee and has more than 2 million patient encounters annually. Our 11,000+ employees, physicians and volunteers serve patients at our acute-care and behavioral health hospitals, outpatient facilities, homecare services, and more than 80 affiliated medical practices. We are nationally recognized for our endur...
Know more