Chief Information Security Officer
A Chief Information Security Officer (CISO) is responsible for security and compliance of IT infrastructure, data center, data warehouses, products and websites. This includes but is not limited to daily operations of the IT security program, oversight of the annual and ongoing risk assessment process, integrity and access of protected health information, development, implementation, and maintenance of policies and procedures, ensuring the confidentiality, and of monitoring program compliance as well as investigation and tracking of incidents and breaches and compliance with federal and state laws. The Chief Information Security Officer must face clients and other staff members on data security matters.
The Chief Information Security Officer is also expected to build a strategic information security program to maintain and develop information security practices to minimize risk. He or she will also ensure policies and standards are up-to-date. The CISO will also create information security awareness, as well as best practices within the organization. Any security incidents will be managed and disaster recovery, risk management, and business continuity will be addressed. He or she will also establish a process in the event of a security incident. Knowledge of federal and state security laws, licensing and certification requirements and accreditation standards is a must. Other technology priorities for this position include BI/analytics, cloud, mobile, digital marketing, infrastructure and data center, ERP, security, industry-specific applications, CRM, and data communications.