Chief Technology & Cybersecurity Officer

Protocall Services Inc

Oklahoma City, OK

JOB DETAILS
SKILLS
Access Control, Alliance/Partner Management, Application Programming Interface (API), Applications Security, Artificial Intelligence (AI), Authentication, Automation, Behavioral Health, Budget Management, Budgeting, Business Growth, CCSP - Cisco Certified Security Professional, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Call Center Evaluation, Call Center Operations, Clinical Data, Clinical Support, Cloud Computing, Communication Skills, Community Health, Computer Security, Continuous Improvement, Cost Effectiveness Analysis, Cross-Functional, Customer Support/Service, Customer/Client Research, Data Modeling, Data Recovery, Disaster Recovery, Diversity, Documentation, Emerging Technology, Endpoint Security, Enterprise Application Integration (EAI), Government, Government Funding, HIPAA (Health Insurance Portability and Accountability Act), Healthcare, Healthcare Customer Service, Healthcare Quality, Higher Education, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Infrastructure Software, Insurance Documentation, Internet Security, Interoperability, Leadership, Legal, Machine Learning, Maintain Compliance, Managed Care, Mentoring, Mobile Applications, Operational Strategy, Performance Analysis, Performance Metrics, Policy Development, Privacy Controls, Process Improvement, Product Support, Project Management Professional (PMP), Public Health, Quality Assurance, Quality Management, Regulations, Regulatory Compliance, Request for Proposals (RFP), Risk, Risk Analysis, Risk Management, Security Architecture, Security Auditing, Security Infrastructure, Security Monitoring, Software Development, Software Development Lifecycle (SDLC), Software as a Service (SaaS), Support Documentation, System Architecture, Systems Administration/Management, Systems Scalability, Technical Leadership, Technical Presentation, Technical Strategy, Technical Support, Telecommunications, Telehealth, U.S. National Institute of Standards and Technology (NIST), Use Cases, User Interface/Experience (UI/UX), Vendor/Supplier Evaluation, Vendor/Supplier Management, Vendor/Supplier Relations, Vendor/Supplier Selection
LOCATION
Oklahoma City, OK
POSTED
7 days ago

The Chief Technology & Cybersecurity Officer (CTCO) is a strategic, hands-on technology and security leader responsible for leading Protocall's technology strategy, cybersecurity program, infrastructure, product technology direction, vendor security oversight and compliance readiness.

The CTCO is responsible for ensuring that our information systems are scalable, secure, resilient, and aligned with the needs of healthcare, public-sector, higher education, and enterprise customers. This position also serves as our Security Officer as defined by HIPAA.

Responsibilities

Technology Strategy & Leadership

  • Develop and execute the organization's technology strategy in alignment with business goals, customer needs, compliance obligations, and product growth.
  • Serve as the senior technology advisor to executive leadership, helping translate technical risks and opportunities into business decisions.
  • Provide leadership across internal IT, cloud infrastructure, data systems, software platforms, cybersecurity, and technology vendor relationships.
  • Evaluate current systems, architecture, tools, and processes and recommend improvements for scalability, reliability, interoperability, security, and cost effectiveness.
  • Partner with product, operations, clinical, compliance, and customer success teams to ensure technology supports our service offerings.
  • Help guide build-versus-buy decisions, platform modernization, integrations, and technology roadmap priorities.
  • Establish technology governance practices appropriate for a healthcare organization serving commercial, higher education, and government-adjacent customers.

Cybersecurity, Privacy & Compliance

  • Lead the organization's information security program, including security strategy, policies, risk assessments, controls, incident response, vendor risk management, and employee security awareness.
  • Ensure technology and security practices support HIPAA requirements and customer expectations related to protected health information, privacy, confidentiality, availability, and breach prevention.
  • Lead readiness efforts related to GovRAMP, NIST, SOC 2, HITRUST, or similar security and compliance frameworks, as applicable to customer and market needs.
  • Develop and maintain security policies, standards, procedures, and documentation required for customer audits, RFPs, security questionnaires, and compliance reviews.
  • Oversee security monitoring, vulnerability management, access controls, endpoint protection, cloud security, backup and recovery practices, and incident response planning.
  • Partner with legal, compliance, People Services, and operations teams on privacy, data retention, business continuity, disaster recovery, and security incident response.
  • Lead or coordinate tabletop exercises, risk reviews, vendor assessments, and remediation plans.
  • Support sales and customer-facing teams by responding to security questionnaires, participating in customer security reviews, and clearly explaining the organization's security posture.

Infrastructure, Operations & Reliability

  • Oversee the reliability, availability, and security of technology systems supporting 24/7 mission-critical operations.
  • Ensure appropriate disaster recovery, business continuity, backup, monitoring, and escalation processes are in place.
  • Manage cloud platforms, SaaS systems, telecommunications-related technology, identity and access management, and internal IT systems either directly or through staff and vendors.
  • Establish appropriate service levels, operational metrics, and technology performance reporting.
  • Identify and reduce technology risks that could affect service continuity, customer trust, compliance, or clinical operations.

Product & Data Support

  • Partner with product and business leaders on the technology direction of our digital product offerings.
  • Advise on secure software development practices, data architecture, integrations, authentication, privacy-by-design, and customer-specific security needs.
  • Help ensure product platforms can support Protocall's existing customer base, as well as potential expansion in new markets.
  • Support evaluation of third-party tools, APIs, data exchange capabilities, analytics platforms, and customer reporting infrastructure.
  • Promote secure, scalable, user-centered technology solutions that support both clinical quality and business growth.

Team & Vendor Leadership

  • Lead, mentor, and develop technology, IT, security, and related vendor resources.
  • Build practical processes that improve accountability without creating unnecessary bureaucracy.
  • Manage external technology partners, managed service providers, security vendors, auditors, consultants, and platform vendors.
  • Develop department budgets, staffing plans, technology investment recommendations, and vendor management practices.
  • Foster a culture of security, reliability, responsiveness, and continuous improvement.

Artificial Intelligence, Automation & Emerging Technology

  • Lead the organization's strategy for the responsible evaluation, adoption, and governance of artificial intelligence, machine learning, automation, and emerging technologies.
  • Establish AI governance practices that address privacy, security, HIPAA compliance, bias, transparency, vendor oversight, data use, clinical risk, and customer trust.
  • Partner with executive, clinical, compliance, legal, product, and operations leaders to identify appropriate AI-enabled opportunities that improve service quality, operational efficiency, workforce support, customer reporting, and user experience.
  • Evaluate AI tools and vendors for security, privacy, data retention, model training practices, contractual protections, and alignment with healthcare and public-sector customer requirements.
  • Ensure that AI solutions involving protected health information, crisis services, clinical workflows, or customer data are reviewed through appropriate risk, compliance, and ethical governance processes before implementation.
  • Develop policies and guardrails for employee use of generative AI tools, including acceptable use, prohibited data sharing, documentation expectations, and review requirements.
  • Support responsible use of AI in areas such as contact center operations, quality assurance, documentation support, analytics, fraud/risk detection, customer insights, product personalization, and administrative workflow automation.
  • Help the organization distinguish between safe, practical AI use cases and high-risk applications that require additional oversight, validation, human review, or should not be pursued.
  • Monitor evolving AI-related legal, regulatory, security, and customer expectations, particularly as they relate to healthcare, behavioral health, HIPAA-regulated data, and government-funded or public-sector programs.
  • Promote a culture of innovation that balances AI-enabled efficiency with clinical quality, human judgment, privacy, accessibility, and the organization's mission.
  • 10+ years of progressive experience in technology leadership, information security, infrastructure, software systems, healthcare technology, or related fields.
  • Demonstrated experience leading both technology and cybersecurity functions in a healthcare, behavioral health, SaaS, public-sector, or regulated environment.
  • Experience managing custom software development teams with strong SDLC controls; experience with DevSecOps tools and procedures preferred.
  • Strong working knowledge of HIPAA privacy and security requirements.
  • Experience with security and risk frameworks such as NIST CSF, NIST 800-53, NIST 800-171, SOC 2, HITRUST, ISO 27001, FedRAMP, or GovRAMP-related requirements.
  • Experience supporting security audits, customer security reviews, vendor risk assessments, RFP responses, and compliance documentation.
  • Strong understanding of cloud infrastructure, SaaS platforms, identity and access management, endpoint security, data protection, logging and monitoring, and incident response.
  • Ability to communicate effectively with executive leaders, board members, customers, auditors, technical teams, and non-technical stakeholders.
  • Demonstrated ability to balance strategic leadership with hands-on execution in a mid-sized or growing organization.
  • Experience managing technology vendors, budgets, roadmaps, and cross-functional initiatives.
  • Strong judgment, discretion, and integrity when handling sensitive healthcare, business, and security matters.

Preferred Qualifications

  • Experience in behavioral healthcare, crisis services, telehealth, digital health, or healthcare SaaS.
  • Experience supporting 24/7 mission-critical operations or contact center technology.
  • Familiarity with 988 crisis service environments, managed care organizations, EAPs, higher education customers, or Community Behavioral Health Centers.
  • Experience with mobile application security, secure software development, product security, and platform architecture.
  • Prior experience preparing an organization for GovRAMP, FedRAMP-aligned, SOC 2, HITRUST, or similar certification or assessment.
  • Relevant certifications such as CISSP, CISM, CISA, CCSP, HCISPP, PMP, or equivalent experience.
  • Experience presenting technology and security updates to executive leadership, boards, customers, or public-sector stakeholders.

Work at Protocall is inherently stressful given the nature of our mission. It is the basic responsibility of each employee to manage their stress in a way that sustains our commitment to the highest level of client care, customer service, professional conduct, and a supportive work environment.

Protocall Services Inc. is an Equal Opportunity Employer. We believe deeply in diversity of race, gender, sexual orientation, religion, ethnicity, national origin, and all of the other fascinating characteristics that make us different

About the Company

P

Protocall Services Inc

ProtoCall Services delivers behavioral health care in the moments that matter.

We help our customers ensure their clients, students, and communities have immediate access to care when and where it’s needed most, creating compassionate connections that improve and strengthen behavioral health intervention and recovery.

ProtoCall was founded in 1992 as a division of the non-profit Metro Crisis Intervention Services, an agency providing crisis line services in Portland, Oregon. The initial goal was to leverage the existing 24/7 infrastructure and professional staffing to create an additional funding source to help support the agency’s local crisis programs. In 1997, ProtoCall Services was incorporated as a privately held entity and has since expanded into a sophisticated 24-hour behavioral health contact center and digital products used by over 500 organizations and responding to more than 600,000 calls annually.

Certainly much has changed since 1992, but just like the founders at Metro Crisis, our fundamental mission of providing access to care in times of crisis remains the core of our work.

We are telephonic first responders. We are mental health paramedics. We go in, tie in a tourniquet to stop the (emotional) bleeding, and refer callers to someone who can follow the healing process closely. We are there to keep the caller safe in that moment.

Whether you’re just starting your career or looking for your next opportunity, we’re a growing company that’s full of opportunities.

If you are committed to quality and to offering the best of yourself to a team that improves access to care when it’s needed most, consider joining us!

COMPANY SIZE
100 to 499 employees
INDUSTRY
Healthcare Services
FOUNDED
1992
WEBSITE
http://www.protocallservices.com