Director of Cybersecurity

About the job

When the College’s cyber security is on the line, simply reacting is not enough. We need plans, tools, and mitigation strategies to protect our infrastructure. That is why we need you, a Cyber Security leader with the expertise required to identify, analyze, and reduce risk that determines our cyber resilience and compliance.

The Cybersecurity Director provide s the vision and leadership necessary to manage the risk to the organization and will ensure business alignment, effective governance, system and product availability, integrity, and confidentiality.

The Cybersecurity Director is responsible for overseeing our organization’s overall cybersecurity posture . The role supervises all aspects of IT security including staff, policy, design, development, implementation, incident response, budgets, and internal business partners . This position requires demonstrated experience in implementing , overseeing , and transforming security operation s , including vulnerability assessments and security in a hybrid cloud environment .

This position is based in Washington, DC where we have a hybrid work environment (roughly 40% of the time in the office).

Major Duties and Responsibilities:

• Provide direction for the College’s cybersecurity and data protection and oversee s ecurity governance and policies. Define metrics and report on information security metrics t o senior level staff as required .
• Supervise staff as assigned in the performance of the job duties.
• Develop and maintain an enterprise-wide security strategy, individual security awareness programs, security architecture, and security incident response plans and required artifacts .
• Provide strategic risk guidance and mitigation strategies for IT projects, including evaluation and recommendation of security and technical controls.
• Educate IT leaders hip on appropriate security risk s and mitigation strategies .
• Collaborate with IT and internal compliance team(s) as needed . C oordinate the security component of both internal and external audits to ensure security programs follow all applicable laws, regulations, and policies.
• Develop, maintain , and publish up-to-date security policies, standards, and guidelines.
• Manage and lead security focused initiatives and work closely with various S crum teams to maintain a strong security posture for the College .
• Oversee training and dissemination of security policies and practices for the enterprise .
• Evaluate new and emerging cybersecurity threats and IT trends and develop effective security controls and mitigation strategies . Oversee development of security awareness programs for the enterprise .
• Develop , review, and test incident response plans to align with the College ’ s business continuity management program goals.
• Evaluates potential security breaches, coordinates response, and recommend s corrective actions.
• Performs effective and comprehensive root cause analysis for all applicable security and data related incidents and ensures internal incident reports thoroughly document that facts surrounding incidents and ensure corrective action steps have been documented and completed.
• Other duties as assigned

R equired Qualifications:

• Min imum of five years (5) of experience in the field of IT security
• Experience leading a cybersecurity team and their day-to-day activities
• Experience in establishing cybersecurity and risk metrics for reporting
• Strong interpersonal and e motional Intelligence skills
• Demonstrated management skills, e.g., budget development and administration, polic y development and implementation, personnel administration, staff training and development
• Demonstrated ability to collaborate with diverse people
• E ffective oral and written communication
• Experience and understanding of O365 products and services, cloud authentication and aut horization, cloud security.
• Experience with security tools, such as Qualys, Splunk, New R elic
• Self-directed and initiative-taking . T hinks beyond the immediate proble m
• Flexibility to adjust to shifting priorities and possess strong analytical and problem-solving capabilities
• A willingness and aptitude to learn modern technologies
• Experience working both independently and, in a collaborative environment
• Strong analytical and critical thinking skills
• Ability to manage multiple activities and/or tasks simultaneously

Desired Qualifications:

• Bachelor’s degree from an accredited institution, with degree preferred in Computer Science or Information technology systems security or related field.
• Knowledge of Information technology infrastructure library (ITIL) (certification preferred)
• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification.
• Experience in Healthcare IT
• Experience working with Scrum teams and Agile software development methodology

About Us:

At the American College of Cardiology, we bring our hearts to work.

We are a 500-person organization dedicated and committed to our mission to transform cardiovascular care and improve heart health for the past 70 years. When you join our team, you become part of a passionate culture that envisions a world where innovation and knowledge optimize cardiovascular care and outcomes.

Every day, we are committed to supporting our more than 54,000 members and their patients around the globe and in doing so, ensure our staff have a positive environment of teamwork, collaboration, professionalism and excellence. To learn more about why ACC has been recognized as one of Modern Healthcare’s Best Places to Work in Healthcare please visit our site at:  www.acc.org/jobs .

COVID Considerations:

As an employer in the public health space, and an organization that serves members who are essential medical personnel, ACC requires all staff to be fully vaccinated against COVID-19 upon hire. Proof of vaccination will be required.  Individuals can request an exemption from this requirement due to a medical condition or sincerely held religious belief, and those requests for reasonable accommodations will be evaluated individually.

ACC is proud to be an equal opportunity and affirmative action employer. We celebrate diversity and are committed to creating an inclusive environment for all candidates and employees. All employment is decided on the basis of qualifications, merit and business need. Equal Opportunity Employer, including individuals with disabilities and veterans.

ACC is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact Crystal Nott, Sr. Director, People Resources & Engagement at  [email protected]  or (202)375-6423.