Jobs › Texas › Houston › Chief Information Security Officer
Chief Information Security Officer
Texas Children's Hospital is hiring for the role of Chief Information Security Officer, Houston, TX (On-site). This is a Governance role in the governance, risk, and compliance field. Review the full details below and apply directly with Texas Children's Hospital.
At Texas Children’s Hospital, our mission starts with our people. Guided by our HEART values—Humility, Excellence, Accountability, Respect, and Trust—we strive to create a workplace where teammates feel valued, supported, and empowered to do their best work every day.
The Chief Information Security Officer is a strategic leader responsible for designing, implementing, and advancing a comprehensive cybersecurity program that safeguards sensitive health information and critical systems across the Texas Children’s enterprise. This role partners closely with executive leadership to align security initiatives with organizational priorities—ensuring regulatory compliance, strengthening risk management, and fostering a culture of security awareness in support of delivering exceptional care.
What You’ll Do:
Lead Enterprise Security Strategy
Define and execute a forward-looking information security strategy aligned with organizational and clinical priorities
Establish scalable, enterprise-wide security frameworks, policies, and standards
Partner with executive leadership to integrate cybersecurity into broader business and technology strategies
Protect Critical Systems & Data
Safeguard the confidentiality, integrity, and availability of ePHI and other sensitive data across the organization
Identify, assess, and mitigate cybersecurity risks in a complex healthcare environment
Strengthen defenses against evolving threats through proactive monitoring and continuous improvement
Drive Compliance & Governance
Ensure compliance with HIPAA, HITECH, and applicable federal and state regulations
Align security practices with industry standards such as NIST and ISO frameworks
Lead audit readiness efforts and support regulatory and accreditation requirements, including Joint Commission standards
Lead Incident Response & Risk Management
Oversee incident response capabilities, including detection, investigation, containment, and recovery
Develop and maintain robust risk management and remediation strategies
Provide clear, timely communication and reporting during security events
Advance Security Through Technology & Innovation
Partner with IT to embed security across infrastructure, applications, and digital health technologies
Oversee security practices related to cloud environments, identity and access management, and data protection
Ensure secure integration of EHR systems and medical devices
Build a Culture of Security Awareness
Champion security awareness and training programs for teammates and clinical staff
Promote a culture of accountability and shared responsibility for protecting patient and organizational data
Lead & Develop High-Performing Teams
Build, mentor, and lead a high-performing information security team
Establish clear goals, performance expectations, and professional development pathways
Foster collaboration across teams to drive security maturity and operational excellence
Provide Strategic Insight to Leadership
Deliver regular security updates, risk assessments, and actionable insights to executive leadership and the board
Translate complex technical risks into clear business impact and strategic recommendations
Strengthen Enterprise Partnerships
Collaborate with IT, Compliance, Legal, Risk, and operational leaders to embed security across all functions
Manage third-party/vendor risk and ensure strong external security practices
Expertise & Leadership Capabilities
Deep knowledge of healthcare regulations (HIPAA, HITECH) and security frameworks (NIST, ISO/IEC 27001)
Experience in risk assessment, incident response, and security operations in complex environments
Strong understanding of EHR systems, medical device security, and healthcare technologies
Expertise in cloud security, identity & access management, and data protection strategies
Experience managing third-party/vendor security risk
What You'll Bring:
Qualifications:
10+ years of progressive experience in information security (Required)
5+ years of leadership or management experience (Required)
3+ years of experience in a healthcare environment (Preferred)
Education
Bachelor’s degree in information security, Computer Science, Information Technology, or related field (required)
Master’s degree (preferred)
Preferred Certifications
CISSP – Certified Information Systems Security Professional
CISM – Certified Information Security Manager
HCISPP – Healthcare Information Security and Privacy Practitioner
Location and market context
This role is based in Houston on-site. Local candidates benefit from being close to Texas Children's Hospital's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About governance roles
Governance roles design the structures, policies, and oversight that keep complex programs accountable, coordinating across legal, risk, compliance, and technology. Roles like this one are typically evaluated against frameworks such as governance frameworks, policy standards, and oversight and reporting practices.
How to position yourself for this governance role
Strong candidates emphasize policy and standard-setting, committee and stakeholder coordination, oversight reporting, and translating strategy into durable operating structures. In your resume and outreach, tie your experience to how Texas Children's Hospital would apply governance frameworks, policy standards, and oversight and reporting practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
- Director, Governance, Risk, and Compliance (GRC) · Clover Health · Dallas, TX · Remote
- Senior GRC Engineer · Lantern · Dallas, TX
- AI Governance Analyst · Analog Devices · Austin, TX
- Senior Counsel, Regulatory · Saronic · Austin, TX
- Director of Product, Conversational AI & Governance · Ethos Life · Houston, TX · Remote
- Senior Director, Enterprise Risk Management · Affirm · Houston, TX · Remote
Employer, or see something wrong with this posting? Report this posting and we will review it promptly.