Vice President, Information Security (CISO) - Houston, TX

The Vice President of Information Security plays a pivotal role in safeguarding Empower Pharmacy’s digital infrastructure and aligning the company’s security strategy with business goals and industry best practices. This role is crucial to ensuring that the company’s data and systems are protected from evolving cybersecurity threats while maintaining compliance with regulatory standards. The VP of Information Security will collaborate across departments, ensuring that Empower’s values of people, service, quality, and innovation are at the core of every security initiative.

Reporting directly to the Chief Technology Officer, the VP will oversee the enterprise-wide security program, managing internal teams and external vendors to ensure the implementation of a robust security strategy. This includes leading efforts to assess and address security risks, manage incidents, and ensure organizational adherence to cybersecurity policies. By working closely with key stakeholders, such as audit and risk, legal, compliance, and operations teams, this leader will ensure seamless integration of security initiatives throughout the company.

In addition to driving incident response, the VP will evaluate the security posture of third-party vendors, ensuring stringent requirements and risk management measures are in place. This role will provide mentorship and leadership to team members, fostering a culture of collaboration, innovation, and continuous improvement. Staying informed of industry trends and security best practices will be key in adapting and enhancing Empower’s security framework.

Empower Pharmacy is committed to producing innovative medications that help people live healthier lives. If you are passionate about making a significant impact by shaping the future of security within a fast-growing, mission-driven organization, we invite you to apply and contribute to expanding access to quality, affordable medication.

• Reports to the Chief Technology Officer and oversees strategic management of the enterprise-wide corporate security program.
• Provides leadership oversight for direct staff and external vendors, ensuring alignment with Empower Pharmacy’s cyber and data security vision.
• Drives the development and execution of a comprehensive information security strategy that aligns with business goals and industry best practices.
• Conducts thorough research and assessments to determine the organization’s information security needs.
• Collaborates with senior management and key business stakeholders (audit & risk, legal, compliance, operations, IT) to manage and resolve security incidents.
• Plans and implements information security projects that meet key business objectives across the organization.
• Establishes and enforces robust information security policies, standards, and procedures, ensuring adherence across the organization.
• Effectively leads incident response efforts in the event of a cybersecurity breach or incident, including coordinating with internal teams and external stakeholders to mitigate the impact and ensure timely resolution and communication.
• Evaluates the security posture of third-party vendors and partners and ensuring that appropriate security measures are in place to protect shared data and resources.
• Defines stringent security requirements and manages security risks associated with third party vendors to ensure compliance with organizational standards.
• Provides strong leadership to the various team members through mentoring, career development, interpersonal skills, teamwork ethic, and enabling leadership skills.
• Exhibits effective team leadership and collaboration skills, with the ability to work effectively with others through conflicting pressures and priorities while resolving complex issues.
• Establishes a culture of high performance, productivity, creativity, and innovation.
• Stays informed on the evolving landscape of security and technology to continuously improve security practices and policies.
• Performs other duties assigned.

To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable qualified individuals with disabilities to perform the essential functions.

While performing the responsibilities of the job, the employee is required to talk and hear. The employee is often required to remain in a stationary position for a significant amount of the workday and frequently use their hands and fingers to handle or feel in order to access, input, and retrieve information from the computer and other office productivity devices. The employee is regularly required to move about the office and around the corporate campus. The employee is regularly required to stand, walk, reach with arms and hands, climb or balance, and to stoop, kneel, crouch or crawl.

• Proficiency in Cyber security tools, especially endpoint solutions, intrusion prevention systems and data loss prevention systems.
• Strong understanding of information security principles, practices, and technologies, including network security, application security, cloud security and endpoint security.
• Superior written and verbal communication skills to engage with partners and with external information security and privacy professionals.
• Working knowledge of Health Insurance Portability and Accountability Act (HIPAA), National Institute of Standards and Technology, International Organization for Standardization 27002 & 27799, Control Objectives for Information and Related Technologies, Information Technology Infrastructure Library, and Information Security Best Practices.
• Familiar with industry-specific regulations and standards (HIPAA preferred) to ensure organizational compliance.
• A deep and well-rounded information and cyber security background with proven ability to develop and articulate a long-term vision for the organization’s cyber security strategy.
• Proven track record of developing and implementing secure processes and systems used to prevent, detect, mitigate, and recover from cyberattacks with strong exposure to firewalls, encryption, and other technology-based safeguards.
• Strong security architecture background with experience building and driving a cybersecurity strategy and framework, with initiatives to secure the organization's cyber and technology assets.
• Deep commitment to lead a pervasive culture of security consciousness with purposeful intent that aligns with Empower Pharmacy’s mission and values.
• Deep credibility in developing and delivering security awareness programs and training initiatives to educate employees and stakeholders on cybersecurity best practices and procedures.
• Ability to negotiate and manage external relationships with contracting firms, application developers, third-party vendors.
• Demonstrated ability to lead complex projects involving multiple organization units, systems, and/or technical components.

Key Competencies

• Customer Focus: Ability to build strong customer relationships and deliver customer centric solutions.
• Optimizes Work Processes: Know the most effective and efficient processes to get things done, with a focus on continuous improvement.
• Collaborates: Builds partnerships and works collaboratively with others to meet shared objectives.
• Resourcefulness: Secures and deploys resources effectively and efficiently.
• Manages Complexity: Makes sense of complex, high quality, and sometimes contradictory information to effectively solve problems.
• Ensures Accountability: Holds self and others accountable to meet commitments and objectives.
• Situational Adaptability: Adapts approach and demeanor in real time to match shifting demands of different situations.
• Communicates Effectively: Develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences.

• Bachelor of Arts or Bachelor of Science degree in technology, related field, or requisite experience; master’s degree and/or additional security certifications preferred.
• Minimum 10 years’ experience in area of Information Security and IT roles.
• Experience evaluating and adopting innovative security technologies and tools into the enterprise with seamless integration of security measures throughout the development lifecycle.
• Experience within healthcare or Life Science required.
• Information Security Industry Certifications preferred (CISSP strongly preferred).
• Audit certification (CISA or equivalent, CISM strongly preferred).

• No-Cost Medication: Get your prescribed compounded medications at no cost, ensuring your health without the financial burden.
• Onsite Health & Wellness – IV Therapy Drips: Rejuvenate with complimentary onsite IV Therapy drips, enhancing your well-being and energy levels.
• Comprehensive Medical, Dental, and Vision Options: Choose from three medical plans tailored to your needs, plus options for dental and vision coverage for you and your family.
• Telehealth visits: Access board-certified Doctors anytime, anywhere for you and your family.
• Paid & Volunteer Time Off: Enjoy paid time off for personal pursuits and contribute to causes you care about with volunteer time off.
• Paid Holidays (8 scheduled; 2 floating): Celebrate with eight scheduled holidays and two floating holidays, giving you flexibility and time for personal traditions.
• Life & AD&D Coverage: Secure your and your family's financial future with life and accidental death and dismemberment (AD&D) insurance.
• FSA (Flexible Spending Account): Manage healthcare expenses smartly with pre-tax dollars in a Flexible Spending Account (FSA).
• 401K Dollar-for-Dollar Up to 4%: Invest in your future with our 401K plan, featuring a dollar-for-dollar match up to 4%.
• Company Paid Long-Term Disability: Provided at no cost, which replaces 60% of your income if you become disabled for a long period of time.
• Flexible Schedules: Balance work and life seamlessly with our flexible scheduling options.
• Rewards & Recognition Program: Your hard work doesn't go unnoticed – enjoy rewards and recognition beyond your paycheck.

Additional Voluntary Benefits

• Accident Insurance: Pays a lump sum benefit to help cover expenses following an accidental injury.
• Hospital Indemnity Insurance: Enhance your peace of mind with supplemental hospital insurance for unexpected stays.
• Critical Illness: Protect your finances from the expenses of a serious health issue.
• Short-Term Disability: Protect your income during illness or injury with short-term disability coverage.
• Supplemental Life & AD&D: Add an extra layer of financial protection for you and your loved ones with supplemental life and AD&D coverage.
• Legal Services: Access professional legal assistance to address concerns confidently.
• Identity Theft Protection: Safeguard your identity and finances with our identity theft protection benefit.
• Pet Insurance: Care for your furry family members with our pet insurance coverage.
• Employee Assistance Program: Confidential counseling and support services for a holistic approach to your well-being.