Chief Information Security Officer

Carilion Clinic Roanoke, VA

This position has been filled.

Carilion Clinic has retained Kirby Partners to conduct a nationwide executive search for candidates for their Chief Information Security Officer.

About Carilion Clinic:

Carilion Clinic, headquartered in Roanoke, Virginia, includes a comprehensive network of 250+ locations (from Shenandoah and the Highlands to southwest Virginia) that include hospitals, primary and specialty physician practices, and other complementary services.

Throughout all of their facilities, Carilion Clinic provide quality care close to home for nearly one million Virginians and West Virginians.

Over the next seven years, Carilion Clinic is investing more than $1 billion in the region through expanding and modernizing its buildings. These plans include an almost-500,000 square foot expansion to Carilion Roanoke Memorial Hospital.

Carilion Clinic was once again named to Fortune’s list of  “America’s Most Innovative Companies” for 2024.


Facts and Figures

Logo $2.23B total operating revenue
Logo $103.5M total community benefit
Logo 135+ clinical trials
Logo 90 active grants
Logo $15M grant award budget
Logo 4,500+ positions filled in 2022

* Figures based on Carilion Clinic 2022 Annual Report and  FY 2023 research and development fast facts.


Chief Information Security Officer Position Overview

The Chief Information Security Officer (CISO) at Carilion Clinic is a key member of the SVP/CIO’s senior leadership team. They have responsibility for maturing and overseeing a comprehensive information technology security program across the enterprise.

This position offers a unique opportunity to lead the organization’s long-term information security strategies, ensuring the protection of network, computer, device, application, and data assets. Reporting directly to the CIO, the CISO sits outside of the IT team in order to function in a security assessment role to identify any security gaps.

Culturally, Carilion Clinic highly values security; they have a supportive board that has never turned down a security request. The organization has successfully defended against several attacks. There are no security incidents currently ongoing.

The CISO will lead a dedicated security team of approximately 18 people. The team is highly collaborative. They value a good personality, the ability to laugh, and get along with others.

The CISO is a vital contributor to major programs underway, such as moving to Epic hosting, modernizing telephony and network infrastructure, and implementing a significant managed services arrangement. The organization is undergoing a full Workday implementation after which the CISO will lead several initiatives to uplift identity and access management and MFA programs.

The Information Security Program is continuously evolving by enhancing existing security tools like the Palo firewalls and expanding new ones such as data classification.

Key responsibilities:

  • Develop and implement long-term information security strategies
  • Lead the response to IT security incidents, serving as the primary IT contact point for information security matters
  • Collaborate with Carilion Clinic’s legal counsel, internal audit, compliance/risk management, and other departments on IT security matters
  • Provide specialized IT security consulting, materials, programs, and analysis related to information security and IT policy
  • Conduct proactive IT risk assessments and research
  • Evaluate and oversee the implementation of procedural and technical IT security measures for Carilion’s network, applications, computing systems, environments, and mobile and clinical engineering assets

Qualifications

Required:

  • Bachelor’s degree
  • 8-10 years of dedicated IT security experience
  • Healthcare experience
  • CISSP or other risk/security certification

Preferred:

  • Master’s degree
  • Academic medical center experience

Work arrangements:

The CISO needs to reside in or relocate to Roanoke. The cybersecurity team primarily works on-site and the CISO will need to be on-site a part of each work week.


About Roanoke, Virginia

Director Technology Services Group search at Carilion Clinic in Roanoke, VA | Kirby Partners

Scenic metropolitan city
Roanoke is a beautiful thriving city located between the Blue Ridge Mountains and the Appalachian Mountains in western Virginia.

Highly-desirable area
The city offers a low cost of living, attractive climate, award-winning outdoor amenities, hiking trails, friendly neighborhoods with character, museums, craft breweries, unique shops and restaurants, and historical attractions.

Convenient location
Roanoke is located midway between New York and Atlanta on Interstate 81 and 168 miles west of Richmond.

99K+ Population
70+ Restaurants
600+ Miles of hiking trails
70 Parks

Roanoke, VA

Procedure for Candidacy

For final candidates, a presentation to Carilion Clinic will be included in the process.  


Margaret Cowan

Executive Recruiter