VP, Cybersecurity & CISO - IT Administration - Full Time

Sayre, PA, United States
May 27, 2020


Job Description

Guthrie Entity

The Guthrie Clinic



40 hrs/wk

Pay Grade


FLSA Status


Main Function

This position will be a member of the Information Services Leadership team. Working with senior management, the CISO will assess and coordinate the process to build a system-wide information security strategy and vision. The CISO oversees the creation and maintenance of information security policy, leads security risk assessment efforts, and owns the health system awareness and training program. He/She also advises and collaborates on development of business continuity and disaster recovery plans, IT related audits, and governmental compliance practices in collaboration with The Guthrie Clinic’s (TGC) Office of Compliance & Audits.

The CISO serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of patient, business partners, employees and business information in compliance with the organization's information security policies. A key element of the cybersecurity role is working with executive management to determine acceptable levels of risk for the organization. The role requires knowledge of the health care provider business environment and ensures that information systems are maintained in a fully functional reliable and secure mode.

They will manage, lead and mentor a team in all areas of technology from security, infrastructure, data warehouses, storage. virtualization mobile technology, cloud, networks, and telecommunications.


Bachelor’s Degree in Information Technology, Computer Science, Information Security or other related area. Advanced degree preferred.

Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired. Certification is required in the first 12 months.


  • Minimum of eight to 10 years of experience in a combination of risk management, information security and IT jobs. At least four must be in a senior leadership role. Employment history must demonstrate increasing levels of responsibility.
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
  • Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.
  • Certifications in Microsoft/Cisco/VMware and Epic technologies preferred
  • ITIL or PMI Certification is preferred
  • Must have a strong hands-on/technical knowledge of core Microsoft technologies including but not limited to Windows Servers, Active Directory, MS SQL and core Network/Cisco technologies like LAN/WAN, subnets, firewalls, VLAN's, and VPN using Cisco switches, routers and ASA's is required
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, NIST and HITRUST.
  • Experience in the operation of a security operations center (SOC), as well as significant experience in the areas of incident response, digital forensics, and vulnerability management highly desired.
  • Demonstrated implementation of NIST or HITRUST Security Framework to move an organization from a Level 1 Maturity Scale to a Level 3 or greater

How To Apply

Guthrie is an equal opportunity employer. To apply for a position at Guthrie please visit www.guthrie.org/careers


Job Info

May 27, 2020


United States

Frequent Location Searches

Frequent Job Searches

Most Recent Job Searches

Recently Viewed Jobs