Director IT Governance Job at NCH Healthcare System – 3.3 in Naples, FL

Job Description


18231 – IT Administration








Occasional Weekend Shifts

Job Details

The purpose of this position is to support our mission to help everyone live a longer, happier, and healthier life. Specifically, the Director, I.T. Governance will support the four Engines of Success that include: Internal (to increase level of service performed by employee) – Customer Service (to increase patient, physician, and customer satisfaction) – People (to increase employee satisfaction and lower employee turnover) – Financial (to increase net revenue and to reduce costs). The Director, I.T. Governance will serve as the process owner of all assurance activities related to the availability, integrity and confidentiality of our information assets and has the responsibility for operational defenses, investigations, HIPAA Security Compliance, and incident responses including communication to the appropriate groups.


Security Responsibilities

Holds the role of Information Security Officer

Develops, manages, and maintains an information technology risk mitigation strategy including, but not limited to, and annual risk assessment.

Evaluates new cybersecurity threats and IT trends and develop effective security controls.

Develops, manages, and maintains the business continuity and disaster recovery program for the I.T. department.

Oversees development of security awareness programs.

Evaluates potential security breaches, coordinates response and recommend corrective actions.

Defines and reports on information security metrics.

Oversee the Identity, Access and Privileged Management process and policies.

Ability to define information security needs, develop and implement information security systems, tools and techniques and an ability to develop and mentor talent among the information security staff.

Work with internal audit and outside consultants as appropriate on information security audits and address audit findings as agreed upon.

Experience with business continuity planning, auditing, and risk management, as well as contract, vendor negotiation and vendor management.

Experience with solid understanding of information technology and information security.

Promote strategic relationships between internal resources and external entities, including customers, vendors, and partner relationships.

Performs random internal audits of I.T. functions to ensure compliance with policy, procedures, and best practices.

Implement best practices, regulatory and compliance requirements that affect security for the enterprise. This includes, but not limited to HIPAA, HITECH, and PCI compliance.

Project Management Responsibilities

Manage a portfolio of projects, programs, sub-portfolios, and operations managed as a group to achieve strategic objectives.

Provide leadership for project team by building and motivating team members to meet project goals and adhere to their responsibilities and project milestones.

Report on project success criteria results, metrics, test and deployment management activities.

Participate in establishing practices, templates, policies, tools and partnerships to expand and mature these capabilities for the organization.

Provide status reporting regarding project milestones, deliverables, dependencies, risks and issues; communicating across leadership.

Set and continually manage project and program expectations while delegating and managing deliverables with team members and stakeholders.

Monitor, track and control outcomes to resolve issues, conflicts, dependencies, and critical path deliverables.

Ensure that projects and programs are proceeding according to scope, schedule, budget and quality standards.

Manage project and program issues and risks to mitigate impact to baseline.

Departmental Standards

Responsible for the overall direction, coordination, and evaluation within areas as assigned.

Manages activities of direct reports inclusive but not limited to; performance appraisals, assisting with professional growth and coaching, daily operational activities to support business operations, and disciplinary actions.

Prepares detailed presentations of systems and applications designs, pricing, and analysis for day to day operations as well as projects and expansion.

Oversees vendor relationships.

Evaluates existing systems, identify deficiencies, and makes performance recommendations.

Perform analysis and capacity planning and assessments for organizational systems and applications to meet corporate objectives.

Participate in ongoing support and maintenance of existing systems and applications. Perform after hours maintenance as required.

Create and maintain detailed project plans, scope of work, and technical documentation in regard to enterprise systems and applications.

Provide research, assessment, and implementation of new technologies, hardware, and software to advance the applications and services rendered by the organization.

Develop and recommend strategies for growth, security, and functional enhancements.

Work with various IT groups for corrective action and compliance to security standards.

Participate in design and strategy meetings for assigned projects for the enterprise and provide timely project updates to customers and management.

Recommend and draft procedures and guidelines for areas of responsibility.

Chair meetings to include Vendors and other corporate groups as needed.

Mentor and coach peers and other departments on operations processes and technologies as needed. Performs employee evaluations.

Develops strategic and tactical plans that align with organizational and departmental vision and mission.

Leads optimization efforts to maximize the investment applications, systems, and technology.

Strives for continuous improvement and increased customer satisfaction by meeting with key stakeholders on a routine basis.

Keep abreast of projects and proposals. Provides guidance to senior leadership as well as the business to ensure optimal end user satisfaction and functionality.

Serves as a liaison between the business and the IT department.

Participate in Disaster Recovery planning, implementation, and testing.


Minimum of a bachelor’s degree in Business, Information Technology, or related field. Prefer Master’s Degree in Business, Technology, or related field.

Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) required.

Project Management Professional (PMP) required.

Minimum of 12 years of information technology experience with a minimum of 5 years of information security experience.

Excellent verbal and written communication skills are required.

Ability to solve complex problems in a timely manner.

Accurate with good attention to detail.

Ability to work under own initiative / self-motivated.

Experience working in a large cross-functional team environment.

Supervisor skills – Demonstrated ability to lead people and produce results through others.

Experience with information technology optimization is preferred.

Must have working knowledge of the industry. This includes but not limited to configuration management principles and practices, software development lifecycle, and network/application security practices.

Must have experience in a healthcare environment.

Must have a strong understanding of clinical and non-clinical systems (ERP, HRIS, etc.).

Must have a strong understanding of interfaces, reporting, and scripting.

Experience working in fast paced environment.

Must have strong understanding of security best practices.

Experience building and managing budgets.

Proficient in the Microsoft Office Suite (Word, Excel, PowerPoint, OneNote, Outlook, Visio).

About Company

Company: NCH Healthcare System – 3.3

Company Location:  Naples, FL

About NCH Healthcare System - 3.3