Hoag is an approximately $1 billion nonprofit, regional health care delivery network in Orange County, California, that treats more than 25,000 inpatients and 369,000 outpatients annually. Hoag consists of two acute-care hospitals – Hoag Hospital Newport Beach, which opened in 1952, and Hoag Hospital Irvine– in addition to six health centers and nine urgent care centers. Hoag is a designated Magnet® hospital by the American Nurses Credentialing Center (ANCC).
Hoag offers a comprehensive blend of health care services that includes five institutes providing specialized services in the following areas: cancer, heart and vascular, neurosciences, women’s health, and orthopedics through Hoag’s affiliate, Hoag Orthopedic Institute, which consists of an orthopedic hospital and two ambulatory surgical centers.
In 2013, Hoag entered into an alliance with St. Joseph Health to further expand health care services in the Orange County community, known as St. Joseph Hoag Health. Hoag has been named one of the Best Regional Hospitals in the U.S. News & World Report Metro Edition. We are proud of our culture and Becker’s recognized Hoag as “150 Great Places to Work in Healthcare”. In addition, Healthgrades’ named Hoag as one of the ‘50 Best Hospitals’ in 2017
Under the leadership and direction of our President & Chief Executive Officer, the Chief Information Security Officer (CISO) will be responsible for determining enterprise information security standards for Hoag’s regional health care delivery network. The CISO develops and implements information security standards and procedures, and ensures that all information systems are functional and secure. The CISO will be familiar with a variety of the field’s concepts, practices, and procedures and will rely on extensive experience and judgment to plan and accomplish goals. The position requires frequent interaction and presentations to Hoag Board of Directors and Audit & Compliance Committee.
Our ideal CISO candidate will focus on protecting valuable information and maintaining the confidentiality and integrity of data through advanced knowledge of security management, network security and protocols, data and application of solutions, and knowledge of industry trends and current and emerging risks. A key responsibility will be advising Hoag Hospital leadership on enterprise security strategy, security architecture, and security design work; works with business stakeholders to define the security and privacy policies.
The CISO will be responsible for leading innovation, guiding strategy and building a world-class IT security environment to protect the patient and employees we serve. In addition, the CISO will be responsible for mentoring, developing and building a highly specialized IT Security Team that focus on delivering projects on time and on schedule per the organization’s strategy. Duties also include effectively managing resources to meet the budgets, developing and delivering all projects, ROI, and monitoring of assets on time. In addition, the CISO will serve as an Advisor to the Hospital on compliance issues regarding information security and privacy regulations.
Additional key responsibilities will be supporting security and privacy audits and developing a mitigation strategy in accordance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework. The IT Security team will also maintain an audit dashboard to ensure all audit and compliance related issues are tracked through delivery. Some additional on-call coverage responsibilities may be required.
- Bachelor of Science degree (Computer Science, Accounting or related field). Master’s degree preferred.
- 7+ years of relevant security and supervisory experience required. Approximately 12 years’ experience preferred unless a Master degree is reached.
- NIST Cybersecurity Framework. Well-rounded understanding of technology, operations and key business processes.
- Work collaboratively and partner with internal stakeholders, i.e. Executive Management Team, Board of Directors, Audit & Compliance Committee, Medical Executive Committee, Nursing Leadership and the IT Department.
- Re-engineering /process improvement experience, leading and coaching security improvement projects.
- IT Security experience in a healthcare system/provider environment preferred.
- CISSP. Two or more relevant industry certifications in networking and technology certifications preferred. May substitute an equivalent combination of education, certifications and experience.
- Knowledge and understanding of health care (Security, Privacy, Patient Health Information and HIPAA) laws and regulations.
- Strong executive stage presence.
- Visioning, presentation, influencing abilities and strong leadership skills are a must in order to be successful in this role.
*Relocation Allowance will be provided by Hoag
*Please Note: Hoag will NOT be entertaining any Staffing Agencies, Search Firms, 1099 Consultants and/or Interim Management Placement Companies.