GRC CareersConnecting Talent and Trust. Post a Job Log in

JobsTexasHoustonChief Information Security Officer

Chief Information Security Officer

Texas Children's Hospital
GovernanceOn-siteFull-timeHouston, TX

Texas Children's Hospital is hiring for the role of Chief Information Security Officer, Houston, TX (On-site). This is a Governance role in the governance, risk, and compliance field. Review the full details below and apply directly with Texas Children's Hospital.

Organization: Texas Children's HospitalLocation: Houston, TXWorkplace: On-siteFocus: GovernancePosted: Jul 14, 2026
Texas Children's Hospital is hiring for this Governance role in Houston, one of the metros GRC Careers tracks for governance, risk, and compliance hiring. See other GRC roles in Houston →

At Texas Children’s Hospital, our mission starts with our people. Guided by our HEART values—Humility, Excellence, Accountability, Respect, and Trust—we strive to create a workplace where teammates feel valued, supported, and empowered to do their best work every day.
The Chief Information Security Officer is a strategic leader responsible for designing, implementing, and advancing a comprehensive cybersecurity program that safeguards sensitive health information and critical systems across the Texas Children’s enterprise. This role partners closely with executive leadership to align security initiatives with organizational priorities—ensuring regulatory compliance, strengthening risk management, and fostering a culture of security awareness in support of delivering exceptional care.
What You’ll Do:
Lead Enterprise Security Strategy
Define and execute a forward-looking information security strategy aligned with organizational and clinical priorities 
Establish scalable, enterprise-wide security frameworks, policies, and standards 
Partner with executive leadership to integrate cybersecurity into broader business and technology strategies 
Protect Critical Systems & Data
Safeguard the confidentiality, integrity, and availability of ePHI and other sensitive data across the organization 
Identify, assess, and mitigate cybersecurity risks in a complex healthcare environment 
Strengthen defenses against evolving threats through proactive monitoring and continuous improvement 
Drive Compliance & Governance
Ensure compliance with HIPAA, HITECH, and applicable federal and state regulations 
Align security practices with industry standards such as NIST and ISO frameworks  
Lead audit readiness efforts and support regulatory and accreditation requirements, including Joint Commission standards 
Lead Incident Response & Risk Management
Oversee incident response capabilities, including detection, investigation, containment, and recovery 
Develop and maintain robust risk management and remediation strategies 
Provide clear, timely communication and reporting during security events 
Advance Security Through Technology & Innovation
Partner with IT to embed security across infrastructure, applications, and digital health technologies 
Oversee security practices related to cloud environments, identity and access management, and data protection 
Ensure secure integration of EHR systems and medical devices 
Build a Culture of Security Awareness
Champion security awareness and training programs for teammates and clinical staff 
Promote a culture of accountability and shared responsibility for protecting patient and organizational data 
Lead & Develop High-Performing Teams
Build, mentor, and lead a high-performing information security team 
Establish clear goals, performance expectations, and professional development pathways 
Foster collaboration across teams to drive security maturity and operational excellence 
Provide Strategic Insight to Leadership
Deliver regular security updates, risk assessments, and actionable insights to executive leadership and the board 
Translate complex technical risks into clear business impact and strategic recommendations 
Strengthen Enterprise Partnerships
Collaborate with IT, Compliance, Legal, Risk, and operational leaders to embed security across all functions 
Manage third-party/vendor risk and ensure strong external security practices 
Expertise & Leadership Capabilities
Deep knowledge of healthcare regulations (HIPAA, HITECH) and security frameworks (NIST, ISO/IEC 27001) 
Experience in risk assessment, incident response, and security operations in complex environments 
Strong understanding of EHR systems, medical device security, and healthcare technologies 
Expertise in cloud security, identity & access management, and data protection strategies 
Experience managing third-party/vendor security risk 
What You'll Bring: 
Qualifications: 
10+ years of progressive experience in information security (Required)
5+ years of leadership or management experience (Required)
3+ years of experience in a healthcare environment (Preferred)

Education
Bachelor’s degree in information security, Computer Science, Information Technology, or related field (required) 
Master’s degree (preferred)

Preferred Certifications
CISSP – Certified Information Systems Security Professional 
CISM – Certified Information Security Manager 
HCISPP – Healthcare Information Security and Privacy Practitioner

Location and market context

This role is based in Houston on-site. Local candidates benefit from being close to Texas Children's Hospital's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.

About governance roles

Governance roles design the structures, policies, and oversight that keep complex programs accountable, coordinating across legal, risk, compliance, and technology. Roles like this one are typically evaluated against frameworks such as governance frameworks, policy standards, and oversight and reporting practices.

How to position yourself for this governance role

Strong candidates emphasize policy and standard-setting, committee and stakeholder coordination, oversight reporting, and translating strategy into durable operating structures. In your resume and outreach, tie your experience to how Texas Children's Hospital would apply governance frameworks, policy standards, and oversight and reporting practices, and lead with concrete outcomes rather than duties.

Similar GRC roles

Employer, or see something wrong with this posting? Report this posting and we will review it promptly.