
Chief Information Security Officer

Overview
Job Description
Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham.
Job Summary
The Opportunity
At Mass General Brigham Digital, we pride ourselves on our ability to create maximum strategic, clinical, and operational value from established and emergent technologies for our patients, care teams, researchers, and employees. Digital health will not only enhance the equity and efficiency of healthcare delivery, but it will also help make medicine more personalized and precise.
Why Join Mass General Brigham?
This is a rare opportunity to shape the future of one of the nation's leading integrated healthcare systems. The CISO will play a pivotal role in advancing digital transformation, cybersecurity, clinical innovation, and enterprise technology strategy while leading a talented team dedicated to improving patient care and advancing healthcare excellence.
What Success Looks Like
The ideal Chief Information Security Officer (CISO) will embody Mass General Brigham's commitment to exceptional leadership, innovation, collaboration, and accountability. This executive will inspire teams, build trusted partnerships, and drive transformative technology strategies that advance our mission of delivering world-class patient care, research, and operational excellence.
Leadership Competencies
Performance-Focused Leadership
The successful candidate will:
Qualifications
The CISO’s Key Responsibilities will include:
- Effective Information Risk Management: Create a risk aware culture ensuring that information risk is owned by relevant parts of the business to enable control and enable investments in bold innovations.
- Mature Security Capabilities: Focus on the protection of confidentiality, integrity and availability of information to enable the safe and secure communication of patient interactions so that MGB continues to lead the way in academic and community healthcare.
Additional Responsibilities:
- Accountable for the end-to-end overall direction and strategy of MGB’s Security function in close collaboration and alignment with the CIDO’s leadership team and enterprise stakeholders; manage the relationship with Risk and Audit committees and the Board of Directors on Cyber Security issues and policies.
- Optimize effective security and privacy governance to ensure complete security of MGB’s data.
- Drive security and risk processes throughout MGB to create a security-savvy workforce and implement processes that create self-service capability with a focus on simplification, speed and automation.
- Contribute to security product and architecture currency by remaining relevant to any evolving threat landscape and respond swiftly to mitigate exposure to new threats and vulnerabilities.
- Manage third-party connectivity models, standards, assessments and relationships for MGB.
- Support and partner with peer delivery organizations within the CIDO’s organization to drive secure digitally-native solutions without being a road-block.
- Lead strategic security planning to achieve business goals, including the ability to articulate ideas to both technical and non-technical groups, and business case justifications for security spending initiatives.
- Establish and maintain a strong partnership with technology peers, enterprise risk management, privacy, audit and other leaders throughout the business to support the development and implementation of strategies that adhere to the enterprise risk tolerance. The security team will need to anticipate technology shifts that keep peer organizations competitive, while driving these innovative solutions without compromising security posture.
- Leading through influence will be a critical competency to ensure that security is embraced pervasively throughout the MGB enterprise.
- Continuously improve existing security standards across the organization to maintain a competitive edge within the market and remain current to the changing threat landscape.
- In conjunction with other technology leaders, develop, implement and maintain department policies and standards designed to maximize effectiveness and minimize costs related to the acquisition, implementation and operation of enterprise applications and infrastructure systems in a secure manner.
- Ensure security standards and implementation of cloud platform controls across GCP, Azure and Microsoft.
- Lead acquisition and divestiture cyber due diligence to ensure M&A integration activities are completed securely, on time and within budget.
- Partner with internal and external clients to ensure a high degree of system security.
- Proactively update security and technology skill sets. Stay well-informed of technological advances and continuously research better ways to accomplish tasks, and integrate new security technologies.
- Maintain a constructive, team-oriented and customer-focused attitude at all times and in all settings.
- Recruit and develop talent that will drive the organization to higher performance.
- This role is accountable for maintaining technical compliance with regulations, standards, and certifications such as NIST, SOX, PCI and HIPAA.
Qualifications
- 2x weekly onsite or more if needed for business needs.
- Master's Degree in Health Administration required
- Can this role accept experience in lieu of a degree? No
- Excellent leadership, interpersonal, and communication skills, with the ability to lead and inspire a team.
- Exceptional strategic and analytical skills, with the ability to develop and implement effective healthcare solutions. In-depth knowledge of healthcare regulations, policies, and standards.
- Exceptional business acumen, with the ability to develop and execute successful business strategies.
- Ability to work well under pressure, meet deadlines, and manage multiple projects simultaneously
- 8-10+ years preferred
Financial and supervisory duties
- Has oversight of ~45 employees
- $18m OPEX
Additional Job Details (if applicable)
Working Model Required
- M-F Eastern Business Hours required
- Hybrid required: 2x weekly or more in office onsite for stakeholder meetings or business needs; must be flexible to business needs
- A quiet, secure, compliant workspace is required for remote workdays, and will be viewed and confirmed via Microsoft Teams Video
Mass General Brigham Competency Framework
At Mass General Brigham, our competency framework defines what effective leadership “looks like” by specifying which behaviors are most critical for successful performance at each job level. The framework comprises ten competencies (half People-Focused, half Performance-Focused), which are defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.
