Senior Director, Cyber Security and Deputy CISO

Job Description

HealthPartners is currently hiring for a Senior Director, Cyber Security and Deputy CISO . This role sets the strategic direction for IT security initiatives and serves as a key partner to business leaders. Responsibilities include safeguarding data and systems, advising on security technologies and integration, and collaborating on enterprise-wide security solutions. The position leads IT Security Management and is accountable for the security infrastructure supporting HealthPartners’ electronic data and systems. It also serves as the organization’s Deputy Chief Information Security Officer.

The Senior Director reports to the Vice President of IT Infrastructure Technology and the Chief Information Security Officer (CISO) and will be part of a 10-person leadership team. In addition, the Senior Director oversees a department of 40 personnel, with 13 direct reports comprising three Managers, nine Analysts, and one Scrum Master.

Required Qualifications

• Bachelor’s degree in computer science, management information services, or equivalent experience.
• Twenty (20) years of progressive experience in information systems, including roles with increasing leadership responsibility and project oversight.
• Ten (10) years of hands-on experience in cybersecurity, with deep expertise in NIST frameworks, CIS Controls, and SIEM tools. Proven record in crafting robust cybersecurity strategies and conducting comprehensive risk assessments.
• Ten (10) years of demonstrated success in staff management and team leadership, fostering high-performance cultures and driving operational excellence.
• Strong understanding of threat intelligence (e.g., MDR).
• Understanding of network, cloud application, endpoint protection, firewalls, Data Loss Protection (DLP) strategies, and security architecture (e.g., Zero Trust framework).
• Proven experience in incident response and crisis management.
• Exceptional verbal and written communication skills, with the ability to convey technical and non-technical information clearly to stakeholders at all levels of responsibility and authority.
• Comprehensive knowledge of IT infrastructure, technologies, and hardware configurations
• Strategic thinker with a focus on long-term solutions
• Strong commitment to delivering exceptional customer service.
• Proven ability to manage moderate to complex projects successfully.
• Excellent critical thinking skills with a focus on minimizing organizational impact.
• Demonstrated ability to manage multiple priorities effectively.
• Skilled in negotiation and conflict resolution
• Experience with service management platforms and tools

Preferred Qualifications

Strongly prefer experience securing medical devices and healthcare technologies (e.g., MRIs, infusion pumps, lab equipment, Pyxis systems), as well as other IOT and OT devices. Emphasis on applying cybersecurity best practices across clinical and connected environments.

CISM, CISSO, CISSIP, or other Security Certification(s) is strongly preferred.

Extensive knowledge and firsthand experience with security and compliance frameworks, including HIPAA, Sarbanes-Oxley (SOC 2), FDA regulations, and Payment Card Industry (PCI) standards.

Hours / Location :

M-F; Days

This hybrid role requires an onsite presence 3–4 days per week to support team collaboration, cross-functional engagement, and day-to-day operational effectiveness.

Responsibilities

Leads and is accountable for management and staff; ensuring the appropriate direction is provided to management and leaders within this group to plan for, develop, maintain, and manage their workforce all while fostering an inclusive team environment and being a champion for new ways of working.

Lead and mentor teams towards the creation and accomplishment of goals that align with HealthPartners strategic initiatives with an eye toward continual improvement.

Oversee, approves, and is accountable for the group’s operating and capital budgets and their effective management; developing financial plans for the areas’ functions and initiatives.

Partners with HealthPartners and IT Senior Leaders to develop strategies ensuring the integrity, cybersecurity and privacy of HealthPartners systems and data.

Oversee the development and implementation of cybersecurity policies, standards, guidelines, and procedures to ensure ongoing maintenance of cybersecurity controls.

Directs the development and maturity growth of the IT Cybersecurity Infrastructure; advancing the shift to agile processes and methodologies while also driving increased automation.

Partners with HealthPartners IT, Corporate Compliance, Risk Management, and Internal Audit to develop and implement control initiatives that are directly related to the cybersecurity infrastructure or processes and policies.

Ensures effective cybersecurity breach investigation and resolution processes.

Directs the organization’s cybersecurity posture; ensuring regulatory and customer demands are met within the cybersecurity infrastructure.

Identifies goals, objectives, and metrics consistent with HealthPartners’ strategic plan.

Promotes cybersecurity awareness and consciousness.

Collaborates towards the development of IT’s strategic planning of enterprise systems architecture and system standards; ensuring that architectural plans and standards are aligned with the cybersecurity requirements.

Identity Access Management

SIEM management and reporting

Data loss prevention

Network security, firewalls, and segmentation.

Manages vendor relationships; negotiating terms and ensuring the contractual agreement and services meet HealthPartners’ needs.

About Us

At HealthPartners we believe in the power of good – good deeds and good people working together. As part of our team, you’ll find an inclusive environment that encourages new ways of thinking, celebrates differences, and recognizes hard work.

We’re a nonprofit, integrated health care organization, providing health insurance in six states and high-quality care at more than 90 locations, including hospitals and clinics in Minnesota and Wisconsin. We bring together research and education through HealthPartners Institute, training medical professionals across the region and conducting innovative research that improve lives around the world.

At HealthPartners, everyone is welcome, included and valued. We’re working together to increase diversity and inclusion in our workplace, advance health equity in care and coverage, and partner with the community as advocates for change.

Benefits Designed To Support Your Total Health

As a HealthPartners colleague, we’re committed to nurturing your diverse talents, valuing your dedication, and supporting your work-life balance. We offer a comprehensive range of benefits to support every aspect of your life, including health, time off, retirement planning, and continuous learning opportunities. Our goal is to help you thrive physically, mentally, emotionally, and financially, so you can continue delivering exceptional care.

Join us in our mission to improve the health and well-being of our patients, members, and communities.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant because of race, color, sex, age, national origin, religion, sexual orientation, gender identify, status as a veteran and basis of disability or any other federal, state or local protected class. #J-18808-Ljbffr