Chief Information Security Officer

About the Organization

Ann & Robert H. Lurie Children’s Hospital of Chicago has retained Kirby Partners to support their search for their Chief Information Security Officer.

Founded in 1882 by Julia Foster Porter whose son died of rheumatoid arthritis, Lurie Children’s has become one of the top pediatric hospitals in the country and continues to be ranked the #1 children’s hospital in Illinois ranking in all pediatric specialties according to U.S. News & World Report. Lurie Children’s is also the largest pediatric specialty provider in the region, by volume.

Mission

Lurie Children’s is dedicated to the health and well-being of all children. As a leader in pediatrics, they do this through their model of CARE:

Clinical Care
Throughout the Medical Center and in the community.

Advocacy
Because every child deserves to thrive.

Research
The pursuit of discovery and the promise of a cure.

Education
Training the next generation of clinicians, and leaders in pediatric healthcare.

Vision
Lurie Children’s will be a transformational force in CARE and innovation to achieve a healthier future for every child.

Purpose
Lurie Children’s is inspired by its patients and each other to ignite hope in the pursuit of healthier futures for children and families of Chicago and beyond.

Awards & Accolades

Lurie Children’s  is proud to be recognized for the following awards, accolades, and achievements:

• One of the first free-standing pediatric hospitals in the nation
• The first hospital in Illinois to receive the American Nurses Credentialing Center’s Magnet Recognition® for Nursing Excellence; it is the only hospital in Illinois and one of only a few in the country to achieve this high honor five times
• One of Newsweek’s best specialized hospitals (2024 and 2025) and America’s best children’s hospitals (2024)
• 2024 Women’s Choice Award for best children’s hospital
• One of Forbes’ America’s best mid-sized employers
• Named a Leader in LGBTQ Healthcare Equality by The Human Rights Campaign Foundation
• Association for the Accreditation of Human Research Protection Programs (AAHRPP)
• A level I pediatric surgery center by the American College of Surgeons (ACS), becoming the first children’s hospital in Illinois to earn this status
• A Joint Commission Top Performer
• LEED-certified to the Gold Level
• Received international recognition from ChildKind International​ for its exceptional commitment to the prevention and treatment of children’s pain

Pediatric Research

Lurie Children’s is one of the few children’s hospitals in the country to have its own research center devoted to pediatric diseases, the Stanley Manne Children’s Research Institute. Manne Research Institute’s mission is to generate new knowledge and translate advancements in the prevention, diagnosis, and treatment of diseases that affect children’s health through adolescence and adulthood. Their multidisciplinary teams are committed to making discoveries that will transform pediatric medicine and improve the lives of children and their families.

Community Health

A second named institute, the Patrick M. Magoon Institute for Healthy Communities serves as the hub for all Lurie Children’s community-focused initiatives. Their experts partner closely with community-based organizations and leaders, to link clinical work with grassroots expertise to develop evidence-based initiatives that help children and communities thrive.

Foundation

Lurie Children’s relies on philanthropic funding to enhance its programs and services for children and families. Founded in 1987, the Ann & Robert H. Lurie Children’s Hospital of Chicago Foundation is a charitable 501(c)(3) tax-exempt organization with fundraising professionals who work with 11 affiliated organizations and an active team of volunteers to cultivate and secure contributions that advance the mission of the hospital.

About the Position

Overview

Lurie Children’s seeks a visionary Chief Information Security Officer (CISO) to lead its enterprise information security program. Reporting to the EVP, Chief Administrative and Legal Officer, this role is crucial in safeguarding information assets while supporting business objectives. The CISO will be a thought leader skilled in bridging the gap between business and technology, with a strong emphasis on the importance of cybersecurity in achieving organizational goals.

The ideal candidate will shape digital security strategy and drive initiatives to enhance the Medical Center’s cybersecurity capabilities. They will establish governance frameworks and collaborate with executive leadership to set risk levels and advance security measures. This position demands a leader with a solid understanding of healthcare provider business management and cybersecurity technologies across the enterprise.

The CISO must be a proactive leader capable of working with various stakeholders to enforce cybersecurity policies while supporting the organization’s mission to provide exceptional pediatric care and foster innovation. They will play a pivotal role in ensuring that Lurie Children’s remains at the forefront of information security in the healthcare sector, balancing robust protection with operational efficiency.

Key Responsibilities:

• Develop and implement a comprehensive cybersecurity strategy aligned with organizational goals
• Cultivate and lead a world-class information security program
• Guide the enterprise-wide information security function and continuously develop governance frameworks
• Identify, evaluate, and report on various risks to information assets
• Foster a culture of security awareness through training programs and other initiatives
• Collaborate with executives and business units to set acceptable risk levels, enforce policies, and communicate cybersecurity’s impact
• Implement and maintain cybersecurity frameworks to enhance the Medical Center’s security posture
• Serve as the organization’s HIPAA Security Officer
• Ensure compliance with legal and regulatory obligations, serving as the process owner for data confidentiality, integrity, and availability
• Develop and oversee incident response and business continuity plans while managing security incidents and monitoring external threats
• Manage security incidents and monitor external threats
• Continuously develop metrics and reporting frameworks to evaluate cybersecurity program effectiveness
• Integrate cybersecurity requirements into enterprise architecture and project delivery processes
• Oversee cybersecurity budget, vendor relationships, and team development
• Regularly report to Board of Directors on the information security program and serve as trusted advisor to the executive leadership team on security risks, strategies, and priorities
• Build internal networks and external partnerships with industry peers and law enforcement
• Advise on cyber risk posture and ensure mandatory application of controls across the organization

Qualifications

Minimum:

• Bachelor’s degree
• Ten years of leadership in progressive healthcare organizations
• Proven senior leadership in risk management and cybersecurity
• Thorough understanding of healthcare systems, including Epic-based electronic health records

Preferred:

• Master’s degree in a related field
• Relevant certifications (CISSP, CISM, CISA, or CRISC)

Leadership Competencies:

• Knowledge of healthcare-related legal and regulatory requirements
• Strategic thinking with ability to align security initiatives to organizational goals
• Exceptional communication skills across diverse audiences
• Strong collaboration and stakeholder management abilities
• Influence and consensus-building skills at all organizational levels
• Proficiency in financial management and vendor negotiations
• Aptitude for identifying and addressing digital security gaps in patient-focused environments
• Ability to lead and inspire high-performing teams

Note: The CISO will be expected to be on-site at the main hospital campus in Chicago for the majority of their time. Relocation to Chicago is highly preferred.  

About Chicago, Illinois

Mega metropolitan city

Located on the shoreline of Lake Michigan in northeast Illinois, Chicago is the third largest city in the U.S. and one of the most unique and vibrant cities. Chicago offers a rich history, stunning architecture, and world-class museums, theaters, galleries, and restaurants.

Scenic green spaces

Chicago is nicknamed “the city in a garden” because it has over 600 parks and green spaces. The Lake Michigan waterfront is one of the city’s most cherished geographic assets, offering numerous recreational opportunities, such as boating, jet skiing, and kayaking.

Bike-friendly and walkable city

More Chicagoans are choosing biking as a safe and affordable way to get around the city. The growth in biking is due to the city’s investment in increasing and improving its bike infrastructure.

Procedure for Candidacy

Final candidates should expect two interviews with Kirby Partners recruiters (including a video conference interview). You may be asked to complete our “Executive Profile” and submit references to be considered for presentation to the search committee.