Director Physical Security: can be based in Renton WA, Spokane WA or Missoula MT

at  Providence

QUALIFICATIONS

• Bachelor’s Degree in Homeland Security, or Criminal Justice, or Organizational Management; or equivalent educ/experience
• Master’s Degree in Homeland Security, or Criminal Justice, or Organizational Management; or equivalent educ/experience (preferred)
• Within 6 months (180 days) of hire Certification in Physical Security, i.e., Certified Protection Professional (CPP) or Physical Security Professional (PSP)
• 10 or more years of experience in physical security, safety, law enforcement within a multidisciplinary team
• 5 years of experience managing security professionals
• Demonstrates exceptional integrity and a commitment to PSJH core values.
• Possesses sound judgment, and strong organizational and cognitive skills.
• Ability to translate strategic directions and guidance into tactical plans, processes, and tools to achieve the strategic outcomes
• Knowledge of information privacy and security laws and standards. Has strong working knowledge of security risk management practices as well as regulatory and industry compliance requirements such as HIPAA, HITECH, JCAHO, PCI-DSS etc. Has strong working knowledge of security standards and frameworks such as NIST, ISO, HITRUST etc.
• Strong functional knowledge of information security and associated technologies; with a strong emphasis on GRC
• Possesses excellent oral and written communication skills, including the ability to educate non-technical stakeholders on security risk and risk mitigation strategies.
• Demonstrates strong people skills and effective interpersonal relationships, including interfacing with executive leaders
• Demonstrates strong leadership skills
• Ability and confidence to successfully work with clients, including CMOs and outside regulators, managers and front-line employees in a wide range of entities
• Ability to meet time budgets and project deadlines
• Negotiates successful outcomes with strong problem-solving, conflict resolution and negotiation skills
• Tenacious in resolving difficult problems
• Demonstrates superior team-building skills; leading, recruiting, training and inspiring a diverse group of individuals
• Able to delegate tasks and prioritize projects, and willingness to effectively address difficult situations.

THE ROLE

This position reports to the Executive Director, Information and Physical Security, Risk and Integrity Services, and provides leadership and direction on long-range planning and leadership for Physical Security for 5 locations: St Joesph in Polson, MT, St Patrick’s Missoula, MT, Kadlec in Kennewick, WA, St Mary’s in Walla Walla, WA and our main Renton, WA campus. This position fills a key role within PSJH’s enterprise security program.
This role works with operational areas within the Regions, including Quality, Risk, Legal, and Real Estate, Clinical, to provide guidance and oversight related to security-related policies, standards, processes, training and consultative services. This includes managing the development and execution of the overall security strategy and aligned initiatives and projects. This position is also responsible for developing and maintaining enterprise reporting and analytics for security services, and ensuring services are appropriately structured, documented, communicated, Effective at mitigating risks, and meeting the needs of the organization. In addition, this position is responsible for developing and managing the governance framework of security committees and workgroups to ensure that the enterprise security program has the appropriate levels of engagement and partnerships to affect positive change in the overall organization’s security posture. This includes working with clinical partners to ensure workplace violence prevention training and awareness from a physical security perspective.

ESSENTIAL FUNCTIONS

• Security Leadership:
• Oversees the enterprise physical security team in Risk and Integrity Services under Executive Director.
• Recommends and implements an aligned security program that will identify risks, establish a consistent framework, and promote ethical and lawful conduct that is consistent with that which is required by regulatory agencies, PSJH policies and procedures and PSJH’s Code of Conduct.
• Drives/coordinates organizational and operational transformation initiatives, ongoing process improvement and optimization of transformational initiatives, and ongoing process improvement and optimization of the Physical Security program and practices.
• Develop and propose initiatives that support the creation and implementation of operational support models, availability models, system portfolios, service delivery playbooks, service dashboards (key performance indicators, key risk indicators) and system inventory financial portfolios.
• Advocate for and create operational processes to drive efficiencies, quality of service, cost containment, and reduce operational risks.
• Facilitate the development of Physical Security policies, standards, processes and procedures for the enterprise.
• Develop written reports and present them to executive management and to the appropriate committees of the boards to keep leadership and members apprised of significant security issues and risks. This includes workplace violence prevention.
• Collaborates with the Risk and Integrity Services Physical Security functional team to perform physical security risk assessments and to provide input into the development of remediation strategies and metrics.
• Provide leadership for the development, implementation, and management of structures that enable the effective and efficient region-wide delivery of the security program and associated services.
• Develop strong relationships across the organization, working collaboratively with PSJH leaders, IT, and other cross functional teams to ensure security services are appropriately structured, documented, communicated, effectively mitigating risks, and meeting the needs of the organization.
• Lead the development and management of comprehensive security Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), and Service Level Agreements (SLAs) for all security services.
• Work under minimal supervision and be self-motivated. Define, plan and execute administrative and technical structures, initiatives, methodologies, and tasks that enable the effective and efficient delivery of their scope of services.
• Lead and contribute to governance committees, workgroups, task forces, and other forums to ensure appropriate and timely identification, review, and mitigation of security risks by the responsible parties.
• Coach and mentor Caregivers as the leader of physical security, identify training needs and recommend developmental programs.
• Coordinate the development and proper management of the security budget.
• Provide back-up support and assistance to other security Directors and managers, and lead special projects and initiatives assigned by the Executive Director.
• Program Management:
• Coordinate and manage the development and maintenance of regional security strategy and the initiatives/projects that enable the fulfillment of the strategy. Proactively monitor that security initiatives are on track and in alignment with the strategy.
• Provide regional leadership for the development, adoption, implementation, and management of the Security Maturity Management program that benchmarks and tracks the maturity of the overall security program. This includes, but is not limited to, the development and management of a maturity tracking framework that accounts for all aspects of security (e.g., application, data, physical, governance, device etc.) and ensure that the overall strategy and initiates are aligned with bolstering the maturity of the overall PSJH security program.
• Lead the development and management of internal assurance processes that ensure the department’s functions are compliant with security and organizational policies and standards.
• Develop, establish, and maintain framework for security governance committees and workgroups necessary to ensure visibility and engagement with key stakeholders and decision makers across the organization. In addition, identify and track all of the System Office, regional, and local governance committees and workgroups (e.g., IT project approval committees, change management, Executive Management Team committees) that security should participate on or periodically engage with and ensure that security has appropriate representation and level of engagement.
• Ensure that security-lead committees and workgroups have appropriate scope, chatters, cross-functional membership, leadership etc. Also perform periodic review to ensure they are effectively meeting their chatter and identify areas for improvement.
• Lead the development, implementation, and management of security risk escalation management processes.
• Service Management:
• Coordinate and lead, as appropriate, the development, documentation, communication, and maintenance of processes that enable the effective and efficient delivery of security services. Establish and lead process improvement reviews.
• Lead the development, communication, and maintenance of a Security Service Catalog. This includes but is not limited to ensuring Caregiver awareness of our services and access to efficient processes for engaging our services, documented Service Level/ Partnership Agreements (so that Caregivers are aware of what is required of them in order for security to deliver a given service), and built-in mechanism for Caregivers to know the status of their requests.
• Collaborate with Strategic Services, Wellness Centers, medical groups, and other merge, acquisition, and affiliation leaders to ensure the department’s integration into their processes. Provide leadership over the assessment of entities with whom PSJH is seeking to merge, affiliate or acquire, and lead post transaction security program integration activities.
• Reporting and Analytics:
• Provide leadership over the development, implementation, and management of enterprise-wide Governance Risk & Compliance (GRC) technology. Ensure that the appropriate security program and risk management data are managed within the GRC in order to provide an enterprise view of security risks.
• Provide leadership over the development, implementation, and management of reporting, dash boarding, and analytics tools necessary to analyze and manage the security posture of the organization and the delivery of security services.
• Lead the development, and maintenance of enterprise security Key Risk Indicators (KRI) and Key Performance Indicators (KPIs).
• Provide leadership over the development, management, and distribution of security dashboards and reports that enable the appropriate local, regional, System leadership, and Board level visibility and accountability for the timely and effective mitigation of security risks.
• Provide leadership over the development of Board, governance committee, and other materials as directed by the Executive Director.
• Provide leadership over the development and delivery of as needed training to ensure the appropriate Caregivers are able to effectively leverage the GRC and other risk management and reporting tools.