Sr. Director and Chief Information Secruity Officer
Company Name:
Stryker
Requidistion ID: 2660BR
Job Title: Sr.
Director and Chief Information Secruity Officer
Group: Corporate
Division: Corporate
Business Function: Information Technology
Country: US
State/Province: MI
City: Portage
Employment Category: FullTime
Percent Travel Required: 30
Shift 1st
About Stryker: Stryker is one of the world's leading medical technology companies and together with our customers, we are driven to make healthcare better.
The Company offers a diverse array of innovative medical technologies, including reconstructive, medical and surgical, and neurotechnology and spine products to help people lead more active and more satisfying lives.
Stryker products and services are available in over 100 countries.
Job Description/Information:
Position
Summary:
This role would lead and oversee activities relating to Information Security across the company in areas of information security of its operations and systems as well as the stadards and governance around information security related to products.
The CISO will lead and manage information security initiatives that will strengthen governance, resourcing and processes / tools to increase the businesses ability to proactively and reactively deal with Information Security threats and incidents.
The CISO will also manage all transformation initiatives globally and will work closely with the different businesses Information Security leaders and regional infrastructure heads to ensure security policy or strategy is implemented in a consistent way.
While the role is a vital part of the technology organization, it forms critical part also of the broader organization, in particular legal, audit and compliance.
Essential Duties &
Responsibilities: (Detailed Description)
o Oversee and chair the Information Security Council, responsible for leading the security community across IS and representatives from other areas of the business.
o Represent IS in information security topics with Corporate Compliance Committee and other management decision bodies
o Work with the senior management in the operating companies to ensure that they have appropriate security skills, structures and processes in place.
o Provide overall leadership for the governance and compliance of the global information security policy, standards, guidelines and processes to prevent unauthorized use, release, modification or destruction of data across platforms and networks.
o Lead the definition and implementation of stronger policies for Information Security across the company reflecting industry best practice and incorporating any special situations or requirements that exist with operating companies or geographic markets.
Achieve and maintain ISO27001 certification for the organization.
o Lead the definition and implementation of stronger processes covering Information Security Incidents, Threats and Risk.
o Oversee ongoing Information Security maturity reviews across the group and oversee the implementation of any agreed action plans and report on progress; Lead all transformation initiatives as it relates to information security and will work closely with colleagues within the businesses and at the corporate level covering Legal, Internal Audit, Privacy, Information Technology and HR aspects.
o Define standards for, provide input to or lead due diligence activities during M&A transactions within the organization.
o Lead security scenario planning and desktop exercises for the wider executive team.
o Define standards for, provide input to or lead assessment of technology products, DRP, vendors, partners and service providers.
o Define standards for Digital product development and operational activities and report on progress and issues.
o Be responsible for all the relevant compliance activities related to breach response, HIPAA, and other regulatory bodies.
o Lead all proactive and reactive communication around Information Security topics with senior management and others as required.
o Oversee response to major incidents across the company as required.
o Lead the definition and implementation of a Shared Service approach to Information Security across the group as required.
o Maintain current knowledge of the information security field and the changing threat landscape; track new developments in rapidly changing technologies and create and develop a personal network of CISOs in other organizations and industries to act as a source of information.
o Perform other duties as directed.
Minimum
Qualifications:
Education & Special Trainings:
o Required: - Master's degree in MIS, MBA or related disciplines is required.
Required: - 10-15 years of experience in Information Security in roles of increasing responsibility within a large, federated global healthcare organization with significant emphasis on Digital platforms.
Qualifications &
Experience:
o Strong understanding of Information Security best practices and standards including ISO 27002, Data privacy, SOX, HIPAA and PCI regulations and legislation.
CISSP certification a plus,
o Experience of building an Information Security system and control framework within a complex, global, federated organization including staffing, controls and financial / budgetary aspects.
o Strong understanding of best practices in information security design of Digital products and infrastructure, including cloud applications and hosting.
o Ability to work effectively in a matrix organization structure with significant emphasis on collaboration and persuasion, rather than relying entirely on command and control.
o Strong communication skills, ability to present complex concepts, risks and strategies to senior management in business terms, while being able to discuss detailed technical aspects with expert Information Security and Information Technology teams.
o Strong understanding of business operations and the ability to focus Information Security on alignment with business objectives and mitigation of key business risks.
o Knowledge of risk assessment processes and standards, authorization and authentication technologies and security attack patterns.
o Ability to recruit, manage and develop a high performing team of Information Security professionals.
Physical & Mental Requirements:
o Demonstrated professional experience in IT shared services is required.
o Ability to understand systems, interrelationships and recommend enhancements, and building IT strategy
o Demonstrated leadership, interpersonal, analytical, change management and communication skills.
o Executive presence
o Ability to work effectively across functions and in global matrix organization; building successful relationships with other functions, members of XLT and external agencies and others
o Directly supervises employees at Director level.
Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws
o Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Sr. Director and Chief Information Secruity Officer
MI-Portage
2660BR Estimated Salary: $20 to $28 per hour based on qualifications.
Stryker
Requidistion ID: 2660BR
Job Title: Sr.
Director and Chief Information Secruity Officer
Group: Corporate
Division: Corporate
Business Function: Information Technology
Country: US
State/Province: MI
City: Portage
Employment Category: FullTime
Percent Travel Required: 30
Shift 1st
About Stryker: Stryker is one of the world's leading medical technology companies and together with our customers, we are driven to make healthcare better.
The Company offers a diverse array of innovative medical technologies, including reconstructive, medical and surgical, and neurotechnology and spine products to help people lead more active and more satisfying lives.
Stryker products and services are available in over 100 countries.
Job Description/Information:
Position
Summary:
This role would lead and oversee activities relating to Information Security across the company in areas of information security of its operations and systems as well as the stadards and governance around information security related to products.
The CISO will lead and manage information security initiatives that will strengthen governance, resourcing and processes / tools to increase the businesses ability to proactively and reactively deal with Information Security threats and incidents.
The CISO will also manage all transformation initiatives globally and will work closely with the different businesses Information Security leaders and regional infrastructure heads to ensure security policy or strategy is implemented in a consistent way.
While the role is a vital part of the technology organization, it forms critical part also of the broader organization, in particular legal, audit and compliance.
Essential Duties &
Responsibilities: (Detailed Description)
o Oversee and chair the Information Security Council, responsible for leading the security community across IS and representatives from other areas of the business.
o Represent IS in information security topics with Corporate Compliance Committee and other management decision bodies
o Work with the senior management in the operating companies to ensure that they have appropriate security skills, structures and processes in place.
o Provide overall leadership for the governance and compliance of the global information security policy, standards, guidelines and processes to prevent unauthorized use, release, modification or destruction of data across platforms and networks.
o Lead the definition and implementation of stronger policies for Information Security across the company reflecting industry best practice and incorporating any special situations or requirements that exist with operating companies or geographic markets.
Achieve and maintain ISO27001 certification for the organization.
o Lead the definition and implementation of stronger processes covering Information Security Incidents, Threats and Risk.
o Oversee ongoing Information Security maturity reviews across the group and oversee the implementation of any agreed action plans and report on progress; Lead all transformation initiatives as it relates to information security and will work closely with colleagues within the businesses and at the corporate level covering Legal, Internal Audit, Privacy, Information Technology and HR aspects.
o Define standards for, provide input to or lead due diligence activities during M&A transactions within the organization.
o Lead security scenario planning and desktop exercises for the wider executive team.
o Define standards for, provide input to or lead assessment of technology products, DRP, vendors, partners and service providers.
o Define standards for Digital product development and operational activities and report on progress and issues.
o Be responsible for all the relevant compliance activities related to breach response, HIPAA, and other regulatory bodies.
o Lead all proactive and reactive communication around Information Security topics with senior management and others as required.
o Oversee response to major incidents across the company as required.
o Lead the definition and implementation of a Shared Service approach to Information Security across the group as required.
o Maintain current knowledge of the information security field and the changing threat landscape; track new developments in rapidly changing technologies and create and develop a personal network of CISOs in other organizations and industries to act as a source of information.
o Perform other duties as directed.
Minimum
Qualifications:
Education & Special Trainings:
o Required: - Master's degree in MIS, MBA or related disciplines is required.
Required: - 10-15 years of experience in Information Security in roles of increasing responsibility within a large, federated global healthcare organization with significant emphasis on Digital platforms.
Qualifications &
Experience:
o Strong understanding of Information Security best practices and standards including ISO 27002, Data privacy, SOX, HIPAA and PCI regulations and legislation.
CISSP certification a plus,
o Experience of building an Information Security system and control framework within a complex, global, federated organization including staffing, controls and financial / budgetary aspects.
o Strong understanding of best practices in information security design of Digital products and infrastructure, including cloud applications and hosting.
o Ability to work effectively in a matrix organization structure with significant emphasis on collaboration and persuasion, rather than relying entirely on command and control.
o Strong communication skills, ability to present complex concepts, risks and strategies to senior management in business terms, while being able to discuss detailed technical aspects with expert Information Security and Information Technology teams.
o Strong understanding of business operations and the ability to focus Information Security on alignment with business objectives and mitigation of key business risks.
o Knowledge of risk assessment processes and standards, authorization and authentication technologies and security attack patterns.
o Ability to recruit, manage and develop a high performing team of Information Security professionals.
Physical & Mental Requirements:
o Demonstrated professional experience in IT shared services is required.
o Ability to understand systems, interrelationships and recommend enhancements, and building IT strategy
o Demonstrated leadership, interpersonal, analytical, change management and communication skills.
o Executive presence
o Ability to work effectively across functions and in global matrix organization; building successful relationships with other functions, members of XLT and external agencies and others
o Directly supervises employees at Director level.
Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws
o Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Sr. Director and Chief Information Secruity Officer
MI-Portage
2660BR Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
