Head of Cyber Security - Infrastructure & Application Security (Healthcare)
• Posted 1 day ago • Updated 20 minutes agoFull Time
On-site
To define
HCL America Inc.
Fitment
Dice Job Match Score™
📊 Calculating match score...
Job Details
Skills
- Workflow
- Mentorship
- Network
- Cloud Computing
- Identity Management
- Backup
- Disaster Recovery
- Accounting
- Risk Assessment
- Threat Modeling
- Data Flow
- Risk Management
- HIPAA
- Auditing
- Reporting
- Incident Management
- Recovery
- Regulatory Compliance
- Privacy
- Operational Excellence
- KPI
- Dashboard
- Investments
- Vulnerability Management
- System On A Chip
- Vendor Management
- Negotiations
- Cyber Security
- Cloud Security
- Budget
- Roadmaps
- Management
- Health Care
- Medical Devices
- CISSP
- CISM
- Cisco Certifications
- Legacy Systems
- Accountability
- Software Security
- Leadership
Summary
HCL Technologies Limited
Role Overview
The Cyber Security Leader is accountable for the overall security posture of hospital infrastructure, clinical applications, and digital platforms. This role sets the security strategy, governs architecture and operations, and ensures cyber risk is managed without compromising patient care, clinical workflows, or system availability.
This leader works across IT, clinical leadership, compliance, and executive stakeholders to translate cyber risk into business and patient-safety impact and to drive pragmatic, scalable security outcomes.
Key Responsibilities
Strategy & Leadership
* Define and execute the hospital s cyber security strategy across infrastructure, applications, and cloud
* Establish security principles and standards aligned with clinical and operational realities
* Act as the primary cyber security advisor to CIO, CISO, and clinical leadership
* Build, lead, and mentor security architects, engineers, and operational teams
Infrastructure & Platform Security Ownership
* Own security posture for:
* Network, endpoint, server, and cloud environments
* Identity and access management
* Backup, disaster recovery, and ransomware resilience
* Drive zero-trust adoption while accounting for legacy and clinical systems
* Ensure medical devices and shared clinical workstations are governed under a risk-based model
Application & Digital Security Leadership
* Govern security for clinical and enterprise applications, including EHR and third-party platforms
* Establish secure development and deployment standards across internal and vendor-built systems
* Oversee application risk assessments, threat modeling, and remediation prioritization
* Ensure secure integrations, APIs, and data flows across the hospital ecosystem
Risk, Compliance & Resilience
* Own cyber risk management aligned with healthcare regulations and frameworks (HIPAA, HITRUST, NIST)
* Lead audit readiness, regulatory responses, and executive risk reporting
* Drive ransomware preparedness, incident response, and recovery planning
* Partner with legal, compliance, and privacy teams on breach response and regulatory obligations
Operational Excellence & Metrics
* Define security KPIs and executive dashboards tied to risk reduction and business outcomes
* Prioritize investments based on risk, patient safety, and operational impact
* Oversee vulnerability management, patching strategy, and third-party risk programs
* Ensure SOC capabilities align with hospital threat landscape
Stakeholder & Vendor Management
* Influence clinical, IT, and business leaders without disrupting care delivery
* Govern third-party and managed-service security providers
* Participate in contract reviews, RFPs, and vendor security negotiations
Required Qualifications
* 12+ years of cyber security experience with progressive leadership responsibility
* Proven experience leading cyber security in healthcare or similarly regulated environments
* Strong background across infrastructure, application, and cloud security
* Ability to communicate cyber risk in plain language to executives and clinicians
* Experience managing budgets, teams, and security roadmaps
Preferred Qualifications
* Direct experience supporting hospitals or large healthcare systems
* Familiarity with EHR platforms and medical device security
* Experience leading zero-trust or large-scale security transformations
* Security leadership certifications (CISSP, CISM, CCSP)
What Success Looks Like
* Cyber security is viewed as an enabler of safe patient care, not an obstacle
* Reduced risk exposure from ransomware, legacy systems, and third-party vendors
* Clear accountability and governance across infrastructure and application security
* Strong trust with executive and clinical leadership
Disclaimer
HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to for investigation.
Compensation and Benefits
A candidate s pay within the range will depend on their skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year
Role Overview
The Cyber Security Leader is accountable for the overall security posture of hospital infrastructure, clinical applications, and digital platforms. This role sets the security strategy, governs architecture and operations, and ensures cyber risk is managed without compromising patient care, clinical workflows, or system availability.
This leader works across IT, clinical leadership, compliance, and executive stakeholders to translate cyber risk into business and patient-safety impact and to drive pragmatic, scalable security outcomes.
Key Responsibilities
Strategy & Leadership
* Define and execute the hospital s cyber security strategy across infrastructure, applications, and cloud
* Establish security principles and standards aligned with clinical and operational realities
* Act as the primary cyber security advisor to CIO, CISO, and clinical leadership
* Build, lead, and mentor security architects, engineers, and operational teams
Infrastructure & Platform Security Ownership
* Own security posture for:
* Network, endpoint, server, and cloud environments
* Identity and access management
* Backup, disaster recovery, and ransomware resilience
* Drive zero-trust adoption while accounting for legacy and clinical systems
* Ensure medical devices and shared clinical workstations are governed under a risk-based model
Application & Digital Security Leadership
* Govern security for clinical and enterprise applications, including EHR and third-party platforms
* Establish secure development and deployment standards across internal and vendor-built systems
* Oversee application risk assessments, threat modeling, and remediation prioritization
* Ensure secure integrations, APIs, and data flows across the hospital ecosystem
Risk, Compliance & Resilience
* Own cyber risk management aligned with healthcare regulations and frameworks (HIPAA, HITRUST, NIST)
* Lead audit readiness, regulatory responses, and executive risk reporting
* Drive ransomware preparedness, incident response, and recovery planning
* Partner with legal, compliance, and privacy teams on breach response and regulatory obligations
Operational Excellence & Metrics
* Define security KPIs and executive dashboards tied to risk reduction and business outcomes
* Prioritize investments based on risk, patient safety, and operational impact
* Oversee vulnerability management, patching strategy, and third-party risk programs
* Ensure SOC capabilities align with hospital threat landscape
Stakeholder & Vendor Management
* Influence clinical, IT, and business leaders without disrupting care delivery
* Govern third-party and managed-service security providers
* Participate in contract reviews, RFPs, and vendor security negotiations
Required Qualifications
* 12+ years of cyber security experience with progressive leadership responsibility
* Proven experience leading cyber security in healthcare or similarly regulated environments
* Strong background across infrastructure, application, and cloud security
* Ability to communicate cyber risk in plain language to executives and clinicians
* Experience managing budgets, teams, and security roadmaps
Preferred Qualifications
* Direct experience supporting hospitals or large healthcare systems
* Familiarity with EHR platforms and medical device security
* Experience leading zero-trust or large-scale security transformations
* Security leadership certifications (CISSP, CISM, CCSP)
What Success Looks Like
* Cyber security is viewed as an enabler of safe patient care, not an obstacle
* Reduced risk exposure from ransomware, legacy systems, and third-party vendors
* Clear accountability and governance across infrastructure and application security
* Strong trust with executive and clinical leadership
Disclaimer
HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to for investigation.
Compensation and Benefits
A candidate s pay within the range will depend on their skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: hcl001APP
- Position Id: 60844-43968761
- Posted 1 day ago
Company Info
HCLTech is a global technology company, home to more than 223,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending March 2025 totaled $13.8 billion.
We have been recognized as a Global Top Employer by the Top Employers Institute for the second time in a row for outstanding HR policies and best practices worldwide. We have also been certified as a Top Employer in 26 countries across three regions, Asia Pacific, Europe & Africa and North America. Out of the 26 countries, HCLTech is ranked number one in 15 countries.
These accolades re-affirm our commitment to our people by helping them maximize their potential and building an inclusive and progressive workplace that help our employees find their spark.
Create job alert
Never miss an opportunity! Create an alert based on the job you applied for.Similar Jobs
It looks like there aren't any Similar Jobs for this job yet.
Search all similar jobs