Job Description Summary
The Chief Technology and Information Security Officer (CTISO) is a transformational executive responsible for advancing MUSC’s tripartite mission of clinical care, research, and education through secure, reliable, and modern technology.Entity
Medical University Hospital Authority (MUHA)Worker Type
EmployeeWorker Sub-Type
RegularCost Center
CC002269 SYS - IS Senior LeadersPay Rate Type
SalaryPay Grade
Health-00Scheduled Weekly Hours
40Work Shift
Job Description
The Chief Technology and Information Security Officer (CTISO) is a transformational executive responsible for advancing MUSC’s tripartite mission of clinical care, research, and education through secure, reliable, and modern technology.
Evolving from traditional CISO and CTO roles, the CTISO integrates enterprise technology infrastructure, cloud platforms, networks, core services, and information security into a single, strategic function. The CTISO ensures that MUSC’s technology environments are scalable, secure, resilient, and cost effective, and that information security is embedded across clinical, research, and academic operations.
The CTISO leads a highly service oriented, mission aligned organization that partners with clinical, research, academic, business, and administrative leaders. The role balances innovation with risk management, oversees 24x7x365 technology operations, and positions MUSC as a leader in secure digital health, research technology, and academic computing.
Reports to: Enterprise Chief Information Officer
Direct leadership: Leaders of Infrastructure and Operations, Networking, Cloud and Platforms, End User Technology, Information Security and Cybersecurity, Identity and Access Management, and related shared services
Decision rights (shared with Legal, Compliance, CEIO as appropriate): Enterprise technology standards, security architecture, IAM policies, security tools and platforms, cyber incident response, disaster recovery and business continuity strategies, major infrastructure and cloud investments
Budget responsibility: Owns and manages enterprise technology and information security operating and capital budgets in alignment with MUSC financial planning processes
Work model: Hybrid, Charleston, SC (within MUSC policy); statewide travel to MUSC campuses and affiliates as needed
Strategic Leadership and Governance (20%)
-Define and champion MUSC’s enterprise technology and cybersecurity vision, positioning secure and reliable technology as a strategic enabler of the tripartite mission.
-Serve as a key member of the IS executive management team and primary advisor to the CIO on technology operations, infrastructure, and cybersecurity.
-Establish and maintain a governance and risk management framework that aligns with MUSC policies, regulatory requirements, and industry standards.
-Develop multiyear technology and security roadmaps that balance foundational stability with modernization and innovation.
-Own multiyear and annual operating and capital budgets for enterprise technology and information security, ensuring that investments are prioritized, sequenced, and tracked against plan.
-Provide regular updates to executive leadership and the Board on technology strategy, cyber risks, incidents, and program maturity.
Technology Infrastructure and Operations (20%)
-Oversee the design, implementation, and operation of MUSC’s enterprise infrastructure, including private and public cloud, data centers, networks, platforms, core services, and personal computing.
-Ensure 24x7x365 reliability, scalability, and performance across hospitals, ambulatory sites, research facilities, and academic campuses.
-Lead capacity planning, performance monitoring, and continuous improvement of infrastructure and operations.
-Optimize technology investments through platform rationalization and life cycle management and disciplined financial stewardship of operating and capital funds.
Information Security, Risk Management and IAM (20%)
-Lead a comprehensive information security program that protects clinical, research, and academic data and systems.
-Oversee cyber risk assessment, vulnerability management, security architecture, security operations, and incident response.
-Own Identity and Access Management (IAM) across the enterprise, ensuring appropriate access, automation of provisioning and deprovisioning, and regular access reviews.
-Ensure compliance with HIPAA, HITRUST, NIST, ISO 27001, and other applicable regulations and standards.
-Partner with Internal Audit, Legal, Compliance, Research Compliance, and Privacy on audits, investigations, and responses.
Disaster Recovery, Business Continuity and Resilience (15%)
-Oversee development, testing, and maintenance of disaster recovery and business continuity plans for critical technology and security services.
-Serve as executive leader during major technology and cybersecurity incidents, coordinating with clinical, research, and academic leadership to restore services and manage communication.
-Integrate resilience principles into technology architecture, operations, and vendor contracts.
-Provide leadership and guidance on discovery, digital forensics, breach analysis, and required notifications.
Digital Transformation, Innovation and Partnership (15%)
-Support digital transformation across clinical, research, and academic missions by providing secure, modern infrastructure and platforms ready for AI, analytics, and emerging technologies.
-Partner with the CEIO and other leaders to enable data driven initiatives, AI and automation use cases, and research computing needs.
-Evaluate and adopt new technologies that improve efficiency, user experience, and security, while avoiding undue complexity and risk.
-Collaborate with internal and external partners, vendors, and consortia to advance MUSC’s digital and security posture.
Culture, Education, Talent and Stakeholder Engagement (10%)
-Foster a culture of security, reliability, and service excellence across technology and security teams.
-Lead education and awareness efforts to improve cyber hygiene and technology literacy among executives, clinicians, researchers, faculty, staff, and students.
-Attract, develop, and retain diverse and highly skilled technology and security talent.
-Act as a visible, trusted partner to leaders across MUSC’s health system, research, and academic enterprises.
-Represent MUSC with peer institutions, regulators, sponsors, and external partners on matters related to technology and cybersecurity.
Additional Job Description
Requirements (Education, Skills, Experience, Licensure, Registry, Certification):
Education
-Bachelor’s degree required. Master’s/Doctorate preferred.
-Experience managing enterprise infrastructure and cyber security strategy required.
-Professional security certifications such as CISSP, CISM, or comparable credentials are preferred. Additional cloud or infrastructure certifications are valued.
Experience
-Minimum 10 years of progressive leadership in information security and technology infrastructure or operations in complex, multi-site organizations; academic health system experience preferred.
-Proven experience building and leading high-performing infrastructure, operations, and cybersecurity teams.
-Demonstrated success in implementing information security frameworks and controls and managing cyber incidents.
-Experience managing large-scale infrastructure, networks, and cloud environments in a 24x7x365 setting.
-Experience with digital transformation, cloud migration, automation, and integration with enterprise platforms such as EHRs, research systems, and academic systems.
-Experience engaging senior executives, boards, and external stakeholders on technology and cybersecurity topics.
Skills and Competencies
-Visionary leadership with credibility across clinical, research, and academic domains.
-Strong understanding of infrastructure, networking, cloud platforms, and cybersecurity technologies and standards.
-Deep knowledge of relevant regulations and compliance frameworks.
-Excellent communication skills and the ability to translate complex technical and security concepts for non-technical audiences.
-Strong governance, stakeholder engagement, and change leadership capabilities.
-Ability to build and sustain high-performance, cross-functional teams and collaborative cultures.
-High integrity, sound judgment, and a mission-driven mindset aligned with MUSC’s values.
Success Measures
-High availability, performance, and user satisfaction across MUSC’s technology and infrastructure environment.
-Measurable improvement in MUSC’s cybersecurity posture, including reduced incidents, improved response times, and strong audit and compliance outcomes.
-Successful delivery of technology capabilities that enable clinical, research, and academic priorities, including support for AI, analytics, and advanced computing.
-Strong engagement and trust from MUSC leaders across the tripartite mission in technology and security decisions.
-Attraction and retention of top technology and security talent, and a positive, high-performance team culture.
If you like working with energetic enthusiastic individuals, you will enjoy your career with us!
The Medical University of South Carolina is an Equal Opportunity Employer. MUSC does not discriminate on the basis of race, color, religion or belief, age, sex, national origin, gender identity, sexual orientation, disability, protected veteran status, family or parental status, or any other status protected by state laws and/or federal regulations. All qualified applicants are encouraged to apply and will receive consideration for employment based upon applicable qualifications, merit and business need.
Medical University of South Carolina participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: http://www.uscis.gov/e-verify/employees