Chief Information Security Officer

Job Description

At Texas Children's Hospital, our mission starts with our people. Guided by our HEART values-Humility, Excellence, Accountability, Respect, and Trust-we strive to create a workplace where teammates feel valued, supported, and empowered to do their best work every day.

The Chief Information Security Officer is a strategic leader responsible for designing, implementing, and advancing a comprehensive cybersecurity program that safeguards sensitive health information and critical systems across the Texas Children's enterprise. This role partners closely with executive leadership to align security initiatives with organizational priorities-ensuring regulatory compliance, strengthening risk management, and fostering a culture of security awareness in support of delivering exceptional care.

What You'll Do:

Lead Enterprise Security Strategy

• Define and execute a forward-looking information security strategy aligned with organizational and clinical priorities
• Establish scalable, enterprise-wide security frameworks, policies, and standards
• Partner with executive leadership to integrate cybersecurity into broader business and technology strategies

Protect Critical Systems & Data

• Safeguard the confidentiality, integrity, and availability of ePHI and other sensitive data across the organization
• Identify, assess, and mitigate cybersecurity risks in a complex healthcare environment
• Strengthen defenses against evolving threats through proactive monitoring and continuous improvement

Drive Compliance & Governance

• Ensure compliance with HIPAA, HITECH, and applicable federal and state regulations
• Align security practices with industry standards such as NIST and ISO frameworks
• Lead audit readiness efforts and support regulatory and accreditation requirements, including Joint Commission standards

Lead Incident Response & Risk Management

• Oversee incident response capabilities, including detection, investigation, containment, and recovery
• Develop and maintain robust risk management and remediation strategies
• Provide clear, timely communication and reporting during security events

Advance Security Through Technology & Innovation

• Partner with IT to embed security across infrastructure, applications, and digital health technologies
• Oversee security practices related to cloud environments, identity and access management, and data protection
• Ensure secure integration of EHR systems and medical devices

Build a Culture of Security Awareness

• Champion security awareness and training programs for teammates and clinical staff
• Promote a culture of accountability and shared responsibility for protecting patient and organizational data

Lead & Develop High-Performing Teams

• Build, mentor, and lead a high-performing information security team
• Establish clear goals, performance expectations, and professional development pathways
• Foster collaboration across teams to drive security maturity and operational excellence

Provide Strategic Insight to Leadership

• Deliver regular security updates, risk assessments, and actionable insights to executive leadership and the board
• Translate complex technical risks into clear business impact and strategic recommendations

Strengthen Enterprise Partnerships

• Collaborate with IT, Compliance, Legal, Risk, and operational leaders to embed security across all functions
• Manage third-party/vendor risk and ensure strong external security practices

Expertise & Leadership Capabilities

• Deep knowledge of healthcare regulations (HIPAA, HITECH) and security frameworks (NIST, ISO/IEC 27001)
• Experience in risk assessment, incident response, and security operations in complex environments
• Strong understanding of EHR systems, medical device security, and healthcare technologies
• Expertise in cloud security, identity & access management, and data protection strategies
• Experience managing third-party/vendor security risk

What You'll Bring:

Required Experience

• 7+ years of progressive experience in information security
• 3+ years of experience in a healthcare environment
• 5+ years of leadership or management experience

Education

• Bachelor's degree in information security, Computer Science, Information Technology, or related field (required)
• Master's degree (preferred)

Preferred Certifications

• CISSP - Certified Information Systems Security Professional
• CISM - Certified Information Security Manager
• HCISPP - Healthcare Information Security and Privacy Practitioner

About Us

Since 1954, Texas Children's has been leading the charge in patient care, education and research to accelerate health care for children and women around the world. When you love what you do, it truly shows in the smiles of our patient families, employees and our numerous accolades such as being consistently ranked as the best children's hospital in Texas, and among the top in the nation by U.S. News & World Report as well as recognition from Houston Business Journal as one of this city's Best Places to Work for ten consecutive years.


Texas Children's comprehensive health care network includes our primary hospital in the Texas Medical Center with expertise in over 40 pediatric subspecialties; the Jan and Dan Duncan Neurological Research Institute (NRI); the Feigin Tower for pediatric research; Texas Children's Pavilion for Women, a comprehensive obstetrics/gynecology facility focusing on high-risk births; Texas Children's Hospital West Campus, a community hospital in suburban West Houston; Texas Children's Hospital The Woodlands, the first hospital devoted to children's care for communities north of Houston; and Texas Children's Hospital North Austin, the new state-of-the-art facility providing world-class pediatric and maternal care to Austin and Central Texas families. We have also created Texas Children's Health Plan, the nation's first HMO focused on children; Texas Children's Pediatrics, the largest pediatric primary care network in the country; Texas Children's Urgent Care clinics that specialize in after-hours care tailored specifically for children; and a global health program that is channeling care to children and women all over the world. Texas Children's Hospital is affiliated with Baylor College of Medicine, one of the largest, most diverse and successful pediatric programs in the nation.

To join our community of 15,000+ dedicated team members, visit texaschildrenspeople.org for career opportunities.

Texas Children's is proud to be an equal opportunity employer. All applicants and employees are considered and evaluated for positions at Texas Children's without regard to mental or physical disability, race, color, religion, gender, national origin, age, genetic information, military or veteran status, sexual orientation, gender identity, marital status or any other protected Federal, State/Province or Local status unrelated to the performance of the work involved.