Chief Information Security Officer (CISO)
Full-time / Benefits Eligible
Location: 1077 Gorge Blvd, Akron, OH 44310

Summa Health System is recognized as one of the region’s top employers by a number of third-party organizations, including NorthCoast 99. Exceptional candidates gravitate to Summa because of its culture, passion for delivering excellent service to our patients and families, commitment to our philosophy of servant leadership, collegial working relationships at every level of the organization, and competitive pay and benefits.

Summary

Under general direction of the CIO, the CISO is a senior executive accountable for building, owning, and delivering Summa Health System’s enterprise cybersecurity program across both the health system and the SummaCare health plan. This is a delivery role: the CISO authors strategy, holds direct accountability for architecture and implementation, and manages cybersecurity risk to acceptable levels aligned with business objectives.

The CISO maintains ongoing technical currency — including on the AI threat surface, cloud platforms, and emerging attack vectors — and applies it pragmatically in support of patient care, business operations, and regulatory obligations. The dual provider-and-payer mandate is defining: the CISO must be fluent in HIPAA Security Rule compliance, OCR audit readiness, and health plan obligations including Ohio Department of Insurance requirements, and serves as designated Information Security Official for Summa Health pursuant to 45 CFR Subchapter C, Section 164.308(a)(2).

Minimum Qualifications

Formal Education Required: Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, Business Administration, or related field — or equivalent combination of education and experience. Advanced degree (MS, MBA, or equivalent) preferred.
Experience and Training Required: Ten (10)+ years of progressive information security experience, with at least five (5) in a senior leadership role carrying direct delivery accountability — not solely advisory or governance. Healthcare experience required, with demonstrated understanding of EHR platforms (Epic preferred), HL7/FHIR, EDI, and clinical workflow constraints affecting security program design.
Certifications required: Three (3) current, non-lapsed certifications, with at least one being a cloud security certification or recognized equivalent. Accepted certifications listed below under Certifications preferred.
Certifications preferred: ISC2 Certified Information Systems Security Professional (CISSP), ISC2 Certified Cloud Security Professional (CCSP), ISACA Certified Information Security Manager (CISM), ISC2 Healthcare Information Security and Privacy Practitioner (HCISPP)
Other Skills, Competencies and Qualifications:
Advanced knowledge of how cybersecurity capabilities support foundational business and clinical/operational workflows, including EHR platforms, interoperability standards (HL7/FHIR, EDI 834/837), and hybrid on-premises and cloud environments (IaaS, PaaS, SaaS).
Advanced knowledge of cybersecurity governance frameworks (NIST CSF, HITRUST, HIPAA Security Rule, PCI DSS, COBIT, ITIL), information assurance principles (confidentiality, integrity, availability, authenticity, non-repudiation), and risk management processes including cyber threats, vulnerabilities, incident response, IT Change Management, and Business Continuity.
Advanced knowledge of third-party and vendor risk management (outsourced service assessment, contractual security requirements, Business Associate oversight); and IT budget, planning, forecasting, and financial management to justify security investments by risk reduction and business impact.
Working knowledge of emerging technology risk domains — including analytics, generative AI, and agentic AI workflows — and the ability to evaluate and integrate safeguards for data protection, misuse, and regulatory risk.
Level of Physical Demands: Sedentary: Exerts up to ten pounds of force occasionally and/or a negligible amount of force frequently.

Equal Opportunity Employer/Veterans/Disabled

$97.02/hr - $145.53/hr

The salary range on this job posting/advertising is base salary exclusive of any bonuses or differentials. Many factors, such as years of relevant experience and geographical location, are considered when determining the starting rate of pay. We believe in the importance of pay equity and consider internal equity of our current team members when determining offers. Please keep in mind that the range that is listed is the full base salary range. Hiring at the maximum of the range would not be typical.

Summa Health offers a competitive and comprehensive benefits program to include medical, dental, vision, life, paid time off as well as many other benefits.

Basic Life and Accidental Death & Dismemberment (AD&D)
Supplemental Life and AD&D
Dependent Life Insurance
Short-Term and Long-Term Disability
Accident Insurance, Hospital Indemnity, and Critical Illness
Retirement Savings Plan
Flexible Spending Accounts – Healthcare and Dependent Care
Employee Assistance Program (EAP)
Identity Theft Protection
Pet Insurance
Education Assistance
Daily Pay