Cyber Security Officer

Description:

AO Multispecialty Clinic is seeking a highly skilled and proactive Cyber Security Officer to oversee and strengthen the organization’s information security posture.

This role is responsible for protecting sensitive patient and organizational data, ensuring compliance with HIPAA and other regulatory requirements, and proactively identifying and mitigating cybersecurity risks across all systems and locations.

The Cyber Security Officer will work closely with IT, leadership, and external vendors to implement security strategies, monitor threats, and respond to incidents in a fast-paced healthcare environment.

Key Responsibilities

Security Strategy & Oversight

• Develop, implement, and maintain the organization’s cybersecurity program
• Establish and enforce security policies, procedures, and best practices
• Conduct regular risk assessments and vulnerability analyses
• Ensure alignment with HIPAA, HITECH, and other regulatory requirements

Threat Monitoring & Incident Response

• Monitor systems for security threats, breaches, and vulnerabilities
• Lead incident response efforts, including investigation, containment, and resolution
• Coordinate with external security vendors and partners as needed
• Maintain incident response plans and conduct periodic testing

Compliance & Risk Management

• Ensure compliance with healthcare data protection standards and audits
• Conduct internal security audits and support external audits
• Maintain documentation for compliance and regulatory reporting
• Provide guidance on risk mitigation strategies

Systems & Infrastructure Security

• Oversee network security, firewalls, endpoint protection, and access controls
• Manage identity and access management (IAM) policies and procedures
• Ensure proper encryption, backup, and data protection protocols
• Evaluate and secure third-party systems and vendors

Training & Awareness

• Develop and deliver cybersecurity awareness training for staff
• Promote best practices for data security and phishing prevention
• Support a culture of security awareness across the organization

Collaboration & Project Support

• Partner with IT and operations on system implementations and upgrades
• Provide security guidance for new technologies and workflows
• Support business continuity and disaster recovery planning

Skills & Competencies

• Strong attention to detail and risk awareness
• Ability to respond quickly and effectively to security incidents
• Excellent communication skills, including the ability to translate technical risks to leadership
• High level of integrity and confidentiality
• Proactive and strategic mindset

Work Environment

• Office-based role within a multi-specialty healthcare organization
• Collaboration with IT, operations, and executive leadership
• May require occasional after-hours response for critical security incidents

Benefits

• Competitive compensation
• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement plan options
• Professional development and certification support

About AO Multispecialty Clinic

AO Multispecialty Clinic is a physician-led healthcare organization providing services across Oncology/Hematology, Rheumatology, Urology, Plastic Surgery, and Radiation Therapy. We are committed to protecting patient data and maintaining secure, reliable systems that support high-quality care.

Requirements:

Required

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience)
• 5+ years of experience in cybersecurity, information security, or IT security roles
• Strong knowledge of security frameworks and best practices
• Experience with risk assessments, incident response, and security monitoring
• Understanding of HIPAA and healthcare data security requirements
• Strong analytical and problem-solving skills

Preferred

• Industry certifications such as CISSP, CISM, CEH, or Security+
• Experience in a healthcare or multi-site organization
• Familiarity with network security tools, SIEM systems, and endpoint protection platforms
• Experience managing third-party security vendors