Associate Director of Cybersecurity GRC Remote

at Banner Health
Published November 24, 2022
Location Phoenix, AZ
Category Default  
Job Type Full-time  


Primary City/State:

Phoenix, Arizona

Department Name:

IT Cybersecurity GRC-Corp

Work Shift:


Job Category:

Information Technology

Primary Location Salary Range:

$49.14/hr - $81.90/hr, based on education & experience

In accordance with Colorado’s EPEWA Equal Pay Transparency Rules.

Help lead health care IT into the future. Our Information Technology professionals play a key role in excellent patient care.  If you like the idea of making a positive change in people’s lives – apply today.

Banner Health Cybersecurity Governance, Risk and Compliance (GRC) is seeking an Associate Director to lead a team responsible for core IT and Cybersecurity GRC functions. This role will oversee the performance of the annual HIPAA Security and Privacy assessment as well as other risk and validation assessments. The Associate Director will also ensure the team effectively monitors and tracks management action plans originating from internal and external IT audits. Other responsibilities include day-to-day management of the GRC team, budget oversight, helping to develop and drive GRC projects and strategic initiatives and establishing team goals. This role will regularly engage IT senior leaders in order to ensure that IT risks are properly managed and that issues are mitigated in a timely manner.

The typical schedule for this role is Monday through Friday with limited schedule flexibility. This is a remote position that can be based from the states in which Banner Health operates. An ideal candidate will possess a bachelor’s degree with 7+ years of related GRC experience, hold an applicable certification (CISA, CISSP, CRISC, etc.), and have previous staff management experience, time management skills, multitasking abilities, and strong communications skills.

This can be a remote position if you live in the following states only: AK AR GA FL ID IN IA KS KY LA MI MN MS MO NM NY NC ND OH OK OR PA SC TN TX UT VA WA WI AZ CA CO NE NV WY

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

This position is responsible for planning, organizing and day-to-day management of cybersecurity systems, applications, projects and professionals. Incumbent participates in the development and implementation of cybersecurity strategies to achieve desired outcomes. Responsibilities also include participation in the management of the cybersecurity financial plans, budgets, performance, and other operational activities for Banner Health’s Cybersecurity organization. This position is responsible for the operational oversight of a functional team, including direct HR management responsibilities, within Banner Health. The Incumbent is expected to work with management across diverse areas and multiple states to effectively and efficiently operate the Cybersecurity Department and partner with other parts of Banner’s organization.

1. Establish priorities, workloads, controls and work procedures, as well as determine resourcing needs. Hire, train, conduct performance evaluations, and supervise the workflow for designated staff. This includes initiating promotions, transfers, disciplinary actions and development planning and management.

2. Lead and manage teams to deliver business outcomes, manage quality of delivered services, and mentor Cybersecurity team members.

3. Translate Cybersecurity Strategic Goals into team-specific processes and activities. Establish team objectives and develop effective tools to measure and report performance against these objectives.

4. Assists Cybersecurity leadership in developing annual operational budgets. Assists leadership in ensuring budgetary goals are met on an annual basis.

5. Assist cybersecurity leadership in establishing and maintaining meaningful measurable metrics and reporting. Track to resolution customer problems ensuring the solution is timely and of acceptable quality while effectively communicating with all levels of the organization.

6. Provides leadership with support in establishing and delivering the Cybersecurity strategy and leads or participates in the design, direction, and coordination of cybersecurity projects, systems or applications.

7. Provides expertise and direction while participating in the planning of cybersecurity systems and application strategic objectives and goals. Establish and maintain meaningful measurable metrics and reporting.

8. Provides guidance, direction, and oversight for compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry information.

9. Under general direction, this position is responsible for information security across multiple departments system-wide and requires interaction at all levels of staff and management.


Must possess strong knowledge of business, cybersecurity, information technology and/or computer science as normally obtained through the completion of a bachelor's degree. Certification may be required in at least one of the following areas within one year of entering the position: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Systems Security Certified Practitioner (SSCP), Payment Card Industry - Internal Security Assessor (PCI-ISA), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security & Privacy Practitioner (HCISPP), CompTIA Security+ or other certification designated by the Information Security Leader.

Must also possess seven-plus years of experience, including three years of supervisory experience, in a healthcare or related environment or an equivalent combination of relevant education, technical, business and healthcare experience. Must demonstrate expertise in information technology and healthcare. Needs experience in medium to large scale project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Ability to balance project workloads with customer support and on-call demands. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.

Demonstrate proficiency with the Microsoft Suite of products and other tools depending on position requirements.


Advanced degree may substitute for work experience.

Additional related education and/or experience preferred.


Our organization supports a drug-free work environment.
