Job Description
We are seeking a contractor to be a strategic partner to cybersecurity leadership, helping translate strategy into execution across programs, communications, and operational planning. The individual will coordinate leadership rhythms (staff/executive meetings, town halls, reporting), support cross‐functional initiatives, and ensure alignment across cybersecurity priorities and stakeholders. The ideal candidate will have experience working in cybersecurity or closely related security functions and be able to quickly understand and operate within a complex security environment. Education Required Bachelor''s degree required in cybersecurity, information technology, business, or related field. Years'' Experience Required 10–15 years of professional experience with at least 5 years in cybersecurity, technology, or security-related functions, and prior experience supporting senior executives. Role Responsibilities In this role, you will bridge the gap between technical security operations and high-level business strategy, ensuring the security organization runs efficiently. As the Chief of Staff (CoS), you will be the strategic architect behind the CISO''s office. You aren''t just an administrator; you are a high-level advisor and operator who ensures the cybersecurity department executes its mission with precision. You will manage the "business of security," allowing the CISO to focus on high-stakes technical leadership and external stakeholder management. Key Pillars Strategic Operations & Governance Strategic Planning: Drive the annual and quarterly planning cycles; track progress against OKRs and KPIs to ensure the security roadmap is on schedule. Strategy Development & Performance Measurement: Lead the translation of the CISO''s multi-year vision into a structured execution roadmap. You will be responsible for defining the Critical Success Factors (CSFs) and establishing a robust measurement framework—utilizing advanced telemetry and security-specific metrics—to quantify risk reduction and demonstrate the ROI of the global security program to executive leadership while maintaining alignment to greater organizational goals. Financial Stewardship: Manage the cybersecurity budget, overseeing vendor relationships, procurement processes, and headcount planning. The "Rhythm of Business": Structure and lead leadership team meetings, off-sites, and town halls to ensure alignment and accountability. Functional Delivery & Global Oversight GICSO Pillar Management: Provide functional management and delivery oversight for one or more core Global Information Security Office (GICSO) pillars (e.g., PMO/MA&D, Strategy & Programs, GRC, Cyber Defense, IAM, or GRC). You will ensure cross-regional alignment, unblock technical dependencies, and guarantee that global security initiatives are delivered on time and within scope across varied geographic business units. Executive Communication & Reporting Executive Proxy & Delegated Authority: Serve as the primary surrogate for the CISO in high-stakes steering committees, executive leadership meetings, and vendor negotiations. You will be empowered to make operational decisions, provide "the voice of the CISO" in their absence, and ensure momentum on critical security mandates is never stalled by scheduling conflicts. The Diplomatic Proxy: Act as the CISO''s ''eyes and ears'' across the organization, triaging requests for the CISO''s time and representing the Security Office in sensitive cross-functional disputes to reach a resolution before escalation. The Operational Proxy: Serve as one of the designated Deputies for the Office of the CISO, assuming leadership over the Global Security leadership team during the CISO''s absence to ensure continuity of operations and incident response readiness. The Strategic Proxy: Translate the CISO''s long-term vision into immediate tactical direction for GICSO pillar leads, serving as the secondary point of contact for executive stakeholders to ensure security alignment with broader business goals. Board Readiness: Prepare high-impact presentations and reports for the Board of Directors and the Audit Committee and the Healthcare Cybersecurity Committee translating technical vulnerabilities into business risk. Internal Liaison: Act as the CISO''s proxy in cross-functional meetings with Finance, Legal, HR, and OUs as needed. Ghostwriting: Draft and or review internal announcements, security culture memos, and executive-level briefings. Development of presentations which distill complex technical risks into clear business-centric narratives for both internal and external speaking engagements. Operational Oversight: Streamlining the "rhythm of business" by ma