Planned Parenthood Federation of America (PPFA) and Planned Parenthood Action Fund (PPAF) seek an Associate Director, Office of the CISO. This job reports directly to the Director, Office of the CISO and the CISO in the Information Security division of PPFA. The Office of the Chief Information Security Officer provides the strategy and implementation of the information security program that safeguards the data entrusted to Planned Parenthood by its patients, supporters, donors and staff.
The Associate Director is responsible for ensuring the successful completion and implementation of the day-to-day operations, administration and project management for the Information Security department including but not limited to planning for key and meetings to ensure work is on track, managing and external communications, and ensuring that the CISO is prepared for all meetings and events. This person will also provide direction and support for special projects for the Affiliates and National Office as well as the building of new InfoSec capabilities.
In this role we are looking for someone who is driven, takes initiative, keeps things simple with strong intellectual curiosity, and is also able to act independently while knowing when to ask for guidance or direction. The core deliverables for this role include but are not limited to:
Operations and Administration
- Supports the CISO on special projects as necessary.
- Supports InfoSec Tower teams as necessary on key projects with a lens towards the impact on the Affiliates.
- Helps create or directly creates process improvements for security related programs by enhancing and expanding the use of standard project management frameworks and methodologies, analysis of key metrics, and providing security recommendations with a focus on developing repeatable, scalable, efficient and effective processes.
- Ensures all entities are aware of their responsibilities and the expected outcomes of security programs and projects.
- Captures and regularly reports progress and status to leadership.
Portfolio Management
- Manages the initiation, planning, execution and maintenance of security programs by project management, resource management, budget management, vendor management, risk analysis and ongoing security audits, testing, and continuous monitoring and improvement as appropriate.
- Assists in the analysis of the security program portfolio for alignment with organizational vision, strategy and associated current and projected security risks and threats.
- Drives critical, highly integrated security programs to address current and potential security threats and risks while delivering key security requirements and adherence to security policies and procedures.
- Stays knowledgeable about current security technologies, news and events and how they impact the security policies, procedures and portfolio.
- Supports the Office of the CISO in ensuring integration and troubleshooting areas of concern between programs and operations teams.
- Manages special projects and takes on additional responsibilities as needed to support the needs of the InfoSec Department.
- Works closely with the Shared Services Senior Director and team on Affiliate facing issues, communications and projects as directed by the CISO.
- Works with InfoSec Towers (Information Security Architecture, Operations, Governance, Risk and Compliance (GRC), and Shared Services).
- Works closely with the Shared Services Director on Affiliate facing issues and projects.
- Provides strong, consistent communication updates across the federation on major updates and initiatives that have a high degree of organizational impact.
- Serves as an InfoSec Liaison to National Office workgroups as directed by CISO.
- Works with senior staff across the National Office and Affiliates to support relevant organizational management responsibilities.
- Serves as point person and partner to Finance, IS, Facilities, Security, IT, and Affiliates on operational work related, consulting and serving as a hub where applicable.
- Works with the operations teams to develop tools to ensure coordination of projects and deliverables; support opportunities to better integrate and align core operations processes with organizational program needs.
Knowledge, Skills, and Abilities (KSAs)
- Bachelor’s degree and 6+ years of broad-based information technology experience with strong focus on the information security domain. Expertise in the following areas: delivering technology capabilities, enterprise program management leadership with a proven track record of delivery success as measured by customer satisfaction.
- Experience in a regulated industry is a plus, specifically healthcare.
- Affiliate or client management experience is a plus.
- Certifications are a plus (CISSP, CISM, CISA, etc.).
- Solid service delivery experience in a cross-functional environment is required.
- Strong executive presence, communication, and collaboration skills with Senior
- Public speaking.
- Practical IT experience with modern information security technologies and vendor solutions to include but not limited to strong authentication, network security, endpoint security, cloud/SaaS/PaaS security, security information and event management, SSDLC, mobile security, privacy, and regulatory compliance.
- Business management skills (budgeting, planning, presentation development, organization theory, quality management) are required.
- Experience leading and coordinating vendor solution delivery and partnering effectively with vendors to meet affiliate and PPFA business needs.
- Project Management Professional Certification (PMP) desired, but not required with relevant security or technology work experience.
- Experience with information security frameworks: HIPAA, PCI DSS, NIST, ISO 27001, HITRUST.