Senior Director, Zero Trust and Identity Security

Primary City/State:

Phoenix, Arizona

Department Name:

IT Info Tech Admin-Corp

Work Shift:

Day

Job Category:

Information Technology

Banner Health believes leadership matters. We look for leaders who share our vision making health care easier, so life can be better. Our executives are at the forefront of the health care transformation, planning the future of Banner Health.

Your pay and benefits are important components of your journey at Banner Health. This opportunity includes the option to participate in a variety of health, financial, and security benefits. In addition, this position may be eligible for our Management Incentive Program as part of your Total Rewards package.

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

Position Summary

This position leads the strategic development, implementation, and ongoing management of the organization's zero trust security framework. This role drives transformational security initiatives across network infrastructure, identity and access management, data protection, and configuration management domains. This position includes influencing the vision and strategy of Banner’s cybersecurity, staying current on the latest technology trends, understanding market changes and business needs, and working with senior leadership to develop and drive the direction. Partners and collaborates with other security and IT leaders to develop and drive strategies, work on special projects, and solve complex security challenges facing the organization.

Core Functions

• Develops and executes comprehensive zero trust strategy aligned with organizational business objectives and risk tolerance. Establishes roadmap for zero trust maturity progression across all security domains. Provides executive leadership on security architecture decisions and investments. Collaborates with C-suite and business unit leaders to integrate zero trust principles into digital transformation initiatives. Defines success metrics and KPIs for zero trust implementation and effectiveness. Supports and promotes security governance and ensures security architectures are aligned to business priority, comply with reference architecture standards, policy and regulatory requirements. Ensures Key Performance Indicators are established and tracked in all levels of work effort.
• Designs and implements micro-segmentation strategies to minimize lateral movement and contain potential breaches. Leads deployment and optimization of Zscaler cloud security platform for secure internet and SaaS access. Architects zero trust network access (ZTNA) solutions replacing traditional VPN infrastructure. Oversees network security policies, enforcement mechanisms, and continuous monitoring. Ensures secure connectivity for remote workforce, partners, and third-party access.
• Establishes identity-centric security controls as the foundation of zero trust architecture. Implements adaptive authentication, multi-factor authentication (MFA), and risk-based access policies. Leads privileged access management (PAM) and just-in-time (JIT) access initiatives. Drives identity governance programs including access certification and lifecycle management. Integrates IAM with SIEM/SOAR platforms for threat detection and automated response.
• Develops data classification framework and implements appropriate protection controls. Deploys data loss prevention (DLP), encryption, and rights management solutions. Establishes data access policies based on least privilege and need-to-know principles. Implements cloud access security broker (CASB) technologies for SaaS data protection. Ensures compliance with data privacy regulations (GDPR, CCPA, HIPAA, etc.).
• Establishes security configuration baselines and hardening standards across all technology platforms. Implements infrastructure as code (IaC) with embedded security controls. Leads vulnerability management and patch management programs. Deploys configuration monitoring and drift detection capabilities. Ensures secure DevSecOps practices and CI/CD pipeline security.
• Builds, mentors, and leads high-performing security engineering and architecture teams in a fully remote environment. Fosters culture of continuous learning and security innovation. Develops talent pipeline and succession planning for critical security roles. Collaborates with HR on security awareness training and culture initiatives. Creates inclusive remote work culture with strong team cohesion across distributed workforce.
• Ensures zero trust implementation meets regulatory and compliance requirements. Establishes security policies, standards, and procedures aligned with industry frameworks (NIST, ISO 27001). Coordinates with audit, risk, and compliance teams on security assessments. Manages vendor relationships and third-party security assessments.
• Analyzes business and IT security environment to detect critical deficiencies and/or redundancies and recommends solutions for improvement. Documents current state security architecture, integrates new security solutions into existing systems and deploys solutions that meet emerging business security needs.
• Serves as a credible expert advisor to peers and senior and executive leadership on the appropriateness of current and future security technologies based on the highest level of Total Cost of Ownership, Return on Investment, and strategic value to the business.

Minimum Qualifications

Requires Master's degree in Cybersecurity, Information Security, Information Systems, Computer Science, or related field, or equivalent of education and work experience.

Requires ten years of current and progressive experience in information security and cybersecurity leadership, including five plus years in senior leadership roles managing enterprise security programs.

Requires proven track record implementing protective technology in complex enterprise environments. Requires extensive hands-on experience with Zscaler or similar cloud security platforms. Requires deep expertise in network segmentation, microsegmentation, and software-defined perimeter technologies. Requires strong background in IAM platforms (Okta, Azure AD, Ping Identity, SailPoint, CyberArk). Requires experience with data security technologies (DLP, CASB, encryption, tokenization). Requires demonstrated success with configuration management and infrastructure as code tools.

Requires proven ability to lead and manage distributed remote teams effectively.

Requires expert knowledge of zero trust principles and frameworks (NIST SP 800-207, Forrester, Gartner). Requires advanced understanding of network protocols, architectures, and security controls. Requires proficiency with cloud platforms (AWS, Azure, GCP) and cloud-native security. Requires strong knowledge of identity protocols (SAML, OAuth, OIDC, Kerberos, LDAP). Requires familiarity with SIEM, SOAR, EDR, and security analytics platforms. Requires understanding of DevSecOps practices and security automation.

Requires proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley, GDPR, CCPA, and knowledge of compliance frameworks (SOC 2, ISO 27001, NIST CSF, CIS Controls).

Requires technical project experience designing, developing, integrating, and implementing solutions to resolve complex technical and business issues.

This position may require off-site travel for annual team gatherings, conferences, or critical vendor meetings.

As is typical in this industry, variable shifts or on-call hours and responding to off-hour paging may be required. This position requires on-call availability for security incidents and escalations.

Preferred Qualifications

CISSP (Certified Information Systems Security Professional)

CISM (Certified Information Security Manager)

CCSP (Certified Cloud Security Professional)

CISA (Certified Information Systems Auditor)

Vendor-specific certifications (Zscaler, cloud platforms, IAM solutions)

Additional Related Education And/or Experience Preferred.

EEO Statement:

EEO/Disabled/Veterans

Our organization supports a drug-free work environment.

Privacy Policy:

Privacy Policy