Executive Director, IT Security
Quest Diagnostic Health and Wellness • Secaucus, NJ
Posted 4 days ago
Recognized by FORTUNE magazine as one of the “World’s Most Admired Companies,” Quest Diagnostics is the world's leading provider of diagnostic testing, information and services that doctors and patients need to make better healthcare decisions. They are pioneers in developing innovative diagnostic tests and advanced healthcare information technology solutions that help improve patient care.
With corporate headquarters in Secaucus, NJ, Quest Diagnostics is a Fortune 500 company, traded on the New York Stock Exchange and included in the Dow Jones Sustainability World Index. With 2017 revenues of $7.7 Billion, and approximately 42,000 employees and 2,100 patient locations across the US, Quest Diagnostics serves half of the physicians and hospitals in the US with their large variety of products and services.
The company offers the broadest access to diagnostic testing services through its network of laboratories and patient service centers, and provides interpretive consultation through its extensive medical and scientific staff. Quest Diagnostics also provides services to employers, life insurance companies, other commercial labs, clinics, health plans, government agencies, and organizations involved in clinical trials research.
Approximately 150 million times each year, patients and their physicians rely upon Quest Diagnostics results to make important healthcare decisions.
Quest Diagnostics Healthcare IT solutions connect over 165,000 physicians. Approximately one third of U.S. physicians – and many of the country’s leading hospitals and health systems – rely on Quest Diagnostics healthcare information solutions to foster better patient care and improve their business performance.
FORTUNE magazine's 'World's Most Admired Companies' list
Fortune magazine’s Fortune 500 list
Forbes Global 2000
Member of the Dow Jones® Sustainability World Index
Consistently named one of the best places to work in U.S. business journal rankings
Diagnostic Testing Services:
Quest Diagnostics is the world’s leading provider of diagnostic testing, information and services that patients and doctors need to make better healthcare decisions. Their services range from routine blood tests — such as total cholesterol, Pap testing and white blood cell count — to complex, gene-based and molecular testing. They perform medical tests that aid in the diagnosis or detection of diseases, measure the progress or recovery from a disease or confirm that an individual is free from disease. In addition, they have specialized expertise in cancer, cardiovascular diseases, infectious diseases, and neurology.
In the $60 Billion and growing US Diagnostic Testing Market, Quest Diagnostics is the leader. Quest Diagnostics’ reputation as a leading innovator, provider of high value, low cost solutions and its financial strength and flexibility make it well positioned to capitalize on the evolving healthcare landscape.
Quest Diagnostics’ long term strategy is to become the undisputed world leader in diagnostic testing, information and services. To drive this profitable growth, Quest Diagnostics plans to leverage capabilities to create differentiation:
Deliver Innovative Solutions
Leverage their Unparalleled Access and Distribution Network
Expand their relationships with large payors and health systems
Deliver Superior Patient Experiences
The Executive Director, IT Security is responsible for establishing and maintaining an enterprise-wide information security program to ensure that Information Technology and information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. The Executive Director, IT Security proactively works with the business to implement practices that meet defined policies and standards for information security and oversees all IT risk management activities. This role serves as the process owner of all ongoing activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information, in compliance with the organization's information security policies. A key element of this role is to work with executive management to determine acceptable levels of risk for the organization.
The Executive Director, IT Security position requires a visionary leader with strong skills in technology and business management. This role requires an integrator of people and processes, a thought leader, a problem solver, an effective consultant and solid domain competency in the field of information security. This role must be highly knowledgeable about the business environment and must ensure that information systems are maintained in a fully functional, secure mode. The position acts as Chief Information Security Officer (CISO) and reports to the VP, Infrastructure, Operations & Security.
Duties and Responsibilities:
Develop, implement and monitor a strategic, comprehensive enterprise-wide Information Technology security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
Develop, maintain and execute a proactive Information Security Strategy that evolves with the business needs. Provide expert leadership in the development, implementation, and maintenance of an information security program and associated infrastructure which entails the monitoring of information security trends internal and external to the organization and keeping senior management informed about information security-related issues that could affect the organization.
Manage the enterprise's IT Security organization, consisting of direct reports and indirect reports (such as individuals in other areas of IT) including providing security guidance, hiring, training, staff development, performance management and annual compensation review.
Develop, communicate and ensure compliance with organizational security policies, standards, and guidelines.
Provide guidance and advocacy regarding prioritization of IT investments that impact information security and risk, including managing the information security budget and monitoring for variances.
Create and manage information security/risk management awareness and training programs for all employees, contractors and approved system users.
Work directly with IT and business entities to facilitate IT risk analysis and risk management processes, identify acceptable levels of risk, while balancing with business needs, and establish roles and responsibilities regarding information classification and protection.
Present overall IT risk, specifically in the corporate ERM process, including the IT areas of compliance, security, performance, and availability.
Monitor information security trends internal and external to Quest Diagnostics and keep Quest Diagnostics senior management informed about information security-related issues and activities affecting the organization.
Provide subject matter expertise to executive management on a broad range of information security standards and best practices, such as PCI, HIPAA, NIST, etc.
Provide strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical security and contractual controls.
Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
Coordinate information security and risk management projects with staff from the IT organization and business teams.
Ensure that security programs are following applicable laws, regulations and policies to minimize or eliminate risk and audit findings.
Facilitate the conduct of, and responses to, various internal and external security-related audits.
Create and facilitate the information security risk assessment and threat and vulnerability processes, including reporting and oversight of remediation efforts to address negative findings.
Ensure the Corporation maintains an effective Cybersecurity program to protect critical IT assets and customer and corporate data.
Assist various teams in the investigation of security incidents and events to protect corporate IT assets, including intellectual property, confidential data, and other IT fixed assets while protecting the company's reputation.
Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
Develop operational and strategic relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program.
Facilitate business alignment and communications by forming an information security steering committee or advisory board such as a Security Council.
Conduct security vendor risk assessments for those external suppliers that have possession of organizational confidential/sensitive data.
Develop and manage information security budgets and monitor them for variances.
Liaise between the information security team and corporate compliance, physical security, internal audit, legal and HR management teams as required.
Understand potential threats, vulnerabilities, and control techniques and communicate this information to departmental system administrators.
Senior Director, IT Security – 4 direct reports + Tech Center staff in
Director, IT Security – 6 direct reports + Tech Center staff in
Manager, IT Security – 10 direct reports + Tech Center staff in
Spec, IT Security – Lead
BA/BS degree preferably in computer science/information systems. MBA a plus
Ten to 15 years in information and IT security
Minimum five years' experience in a security-related thought leadership or management capacity
Proven ability to operate within a healthcare business environment.
Perform job duties with frequent interruptions or distractions
Adjust priorities quickly as circumstances dictate.
Ability to interact professionally with colleagues and/or customers for different purposes in different contexts.
Ability to collaborate across the organization.
Maintain composure under pressure.
Performs a variety of duties, often changing from one task to another.
Ability to comprehend and follow verbal or written instructions.
Effective verbal communication.
Effective written communication.
Concentrate on tasks.
Ability to make decisions.
Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
Skills & Abilities:
Information security strategies within global IT environment
Knowledgeable in information security trends while developing policies and standards along all levels
Able to develop programs and guidelines
Health Care experience desirable
The successful candidate for Executive Director, IT Security will demonstrate through education and experience the following competencies:
Executive Leadership and strategy
Compliance and Risk Management
HTAS capabilities: Digital Dexterity, Focus on the Customer, Knowing the Business, Collaborate with Others, Promote Strategic Alignment, Adaptability