The Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO leads the organization’s cybersecurity program, ensuring regulatory compliance, minimizing risk, and enabling secure and efficient operations. This executive role reports to the Chief Information Officer (CIO) and works closely with executive leadership, technology, operations, compliance, and business units to embed security into organizational practices.

Essential Functions

Strategic Leadership

• Develop and maintain a comprehensive cybersecurity vision and defense in depth strategy that aligns with organizational priorities and supports business objectives.
• Implement, monitor, and evolve an enterprise-wide cybersecurity program that ensures confidentiality, integrity, availability, safety, privacy, and recoverability of information assets.
• Serve as the enterprise cyber representative with partners, confidently articulating PT Solutions’ cyber posture and ability to identify, contain, and resolve threats.
• Advise the CIO, senior executives, and management on the cybersecurity implications of current and future business activities, incidents, and emerging threats.
• Provide regular reporting to executive leadership and the board, using clear metrics and frameworks to measure program effectiveness.
• Partner with IT and operations to support business continuity and recovery planning, ensuring PT Solutions can serve patients and clinicians securely in any event.

Risk Management & Compliance

• Establish and maintain a risk-based approach for identifying, assessing, and mitigating cybersecurity risks, including those from third-party suppliers and partners.
• Develop, document, and maintain a unified framework of security policies, standards, and guidelines in alignment with global, federal, state, and industry regulations (e.g., HIPAA - required, PCI DSS, NIST CSF).
• Ensure compliance with applicable laws, regulations, and standards, working closely with legal, audit, and compliance functions.
• Lead organizational readiness for cybersecurity audits, certifications, and assessments.

Operations & Oversight

• Own and manage the cyber incident response program, including response to internal and third-party incidents impacting company operations or data.
• Oversee enterprise security architecture, identity and access management, vulnerability management, and threat detection.
• Partner with IT and operations to develop and maintain business continuity and disaster recovery plans.
• Work hands-on with cybersecurity team, providing both strategeic direction and tactical execution where needed.
• Ensure alignment of cybersecurity operations with evolving industry best practices (e.g., NIST CSF, ITIL).

Culture & Awareness

• Create and manage a targeted cybersecurity awareness and training program for employees, contractors, and approved system users.
• Measure and continuously improve the effectiveness of training and awareness initiatives.
• Promote a culture of shared responsibility for cybersecurity across the enterprise.
• Develop a relatable security narrative that communicates the value of cybersecurity to stakeholders and secures funding for future initiatives.

Leadership & Team Management

• Provide effective leadership to cybersecurity staff, including delegation, coaching, and performance management.
• Establish clear roles, responsibilities, and standard operating procedures for security teams.
• Build and sustain high-performing security teams capable of meeting organizational needs.
• Elevate and mentor existing team members to bring the cybersecurity function to a higher level of maturity.

Required Skills & Abilities

• 12+ years of progressive IT/security experience, including at least 5 years in a senior leadership role.
• Proven knowledge of cybersecurity frameworks, controls, and risk management methodologies (e.g., NIST CSF, CIS Controls).
• Experience in healthcare and HIPAA compliance strongly preferred.
• Demonstrated ability to build, lead, and inspire high-performing security teams.

Required Credentials and Travel Expectations

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field (Master’s preferred).

• Location flexible within the U.S.; must be able to travel to Atlanta and other PT Solutions locations as needed

• Includes regular clinical rounding with operations leaders to build relationships and align security strategy with business needs

• Occasional travel for key partner meetings and executive presentations

Competencies

• Strong communication skills with the ability to present complex security topics to executives and boards.
• Proficiency in Microsoft Word, Excel, Window-based applications.
• Excellent communication and relationship-building skills.
• Must have demonstrated skill in prioritizing daily responsibilities and crises to handle a heavy workload.
• Must be able to work successfully in a fast-paced environment.
• Knowledge of federal and state employment laws and regulations

Expanding Access to Quality Care

At PT Solutions, we’re more than colleagues; we’re a tight-knit community united in our mission to expand access to quality care. Our commitment to you is evident in our industry-leading professional development opportunities. From ongoing evidence-based clinical education to dedicated mentorship opportunities and an APTA-accredited Orthopaedic Residency Program, we propel our clinicians toward excellence in physical therapy, occupational therapy, speech-language pathology, and athletic training.

As we aim to be the go-to rehabilitation provider, we seek committed professionals eager to join us in that mission. A career with PT Solutions is an opportunity to shape the industry and make a lasting impact. 

Let’s go further together and transform care. Join the #PTSLife today! 

To see what #PTSLife is like, visit Instagram, Facebook, and LinkedIn.