Michael Ruehmkorff

Experience

• 

  US Army

  Jan 1994 - Jan 1996

  Movement Control Officer
• 

  American Express

  Feb 2000 - Sept 2002

  Progam Manager, Technology

  - Responsible for day-to-day activities surrounding the integration of all Consumer Card applications into the American Express Website, including release planning, funding, testing, and risk management.- Supervise and direct a staff of four Project Managers, two Business Systems Analysts, and one Project Coordinator in providing an end-to-end integration solution for American Express Application Development Teams.- Manage expenses on the department cost center and report results to the Director on a recurring basis. Cost center management duties include time-tracking analysis, project funding management, and expense evaluation.- Lead efforts in partnering with other operations teams to maximize efficiency and streamline the integration process in order to reduce cost and time-to-market for Consumer Card web projects. Show less

• 

  IBM Global Services

  Sept 2002 - Jul 2004

  Manager, Transition Project Management

  - Directed a Program Management Office consisting of 30 Project Managers implementing infrastructure and applications supporting American Express Information Technology.- Led team to the successful implementation of over 250 individual projects with a contract value exceeding $80 million during 2003.- Implemented organizational policy for program and project management practices, project management maturity model, certification requirements, system tools, and provided mentoring and coaching.- Managed department costs and billable time to maintain profit margins on project implementations exceeding the scope of the outsourcing contract. Maintained resourcing at levels appropriate to forecasts, managing a flexible workforce to facilitate appropriate staffing. Show less

• 

  Perot Systems

  Jul 2004 - Apr 2009

  - Transitional IT Director for a 410-bed Los Angeles County Hospital with responsibility for $10M annual IT budget and all strategic and operational IT and telecommunications decisions.- Responsible to the hospital COO and liaison to Physician Councils representing IT operational improvements and design of strategic IT capital plans including over $4.5M in capital projects.- Manage direct and matrix staff handling over 400 incident and request tickets per month and over 20 ongoing IT projects to improve patient care, staff efficiency, and physician engagement.- Advise hospital Senior Leadership on effective IT architecture and projects to augment the facility strategic plan. Show less - Responsible for the Portfolio Management governance function for Catholic Healthcare West's IT Project Portfolio consisting of approximately 250 projects across 48 facilities.- Responsible to executive management for allocating and scheduling resources to all new projects, as well as changes to in-flight projects, including resource forecasting and balancing across 72 distinct skill sets.- Owner of the IT project initiation and change control processes which includes resourcing of professional service contracts encompassing approximately 60,000 hours per month and valued at $4.4M. Show less - Leader of the Information Security Program Office with responsibility for all information security project initiatives to further Dignity Health’s compliance with HIPAA legislation, state and local laws, and industry best practices. Scope included seven direct reports, and an annual budget exceeding $3 million.- Led a bi-weekly working group reporting program status to the CISO, CTO, and Senior IT Leadership.- Led design, development and implementation of the enterprise IT Identity Management system and associated framework for the implementation of Role Based Access Control supporting over 50,000 employees.- Developed and implemented necessary IT Standards to address gaps in technology documentation and insure compliance with Dignity Health policy. Managed IT Security Standard lifecycle and change control process. Show less

  • IT Director, Northridge Hospital Medical Center

    Nov 2008 - Apr 2009

  • Portfolio Manager, IT Projects

    Jan 2008 - Nov 2008

  • Program Manager, Data Security

    Jul 2004 - Dec 2007
• 

  Dignity Health

  Apr 2009 - Dec 2012

  - Departmental leadership responsibility for 70 information security professionals charged with data security and directory services for a 40-hospital system with over $8 billion in revenue, 58,000 employees and 8,700 acute care beds.- Responsible for strategy and framework to assure information security, including purchasing and implementation of security-related capital projects valued at over $5 million for 2010. Implementations included Intrusion Detection System, Data Loss Protection, End Point Encryption, and Security Incident and Event Management.- Manage $6.7 million department operational budget, including payroll, travel, training and maintenance for associated security software and services. Show less

  • Sr. Director, Information Security Officer

    Jan 2010 - Dec 2012

  • Infrastructure Deployment Manager

    Apr 2009 - Feb 2010
• 

  Caris Life Sciences

  Jan 2013 - Aug 2016

  Enterprise IT Infrastructure, Information Security, Service Desk, and IT Quality. Lead a team of 22 responsible for strategy and maintenance of servers, network, databases, Information Security, Service Desk, end-point computing (desktop, laptop and mobile), and IT Application Quality Assurance Testing. Responsible for creating an Information Security and Audit program from inception, including authoring policies, technology implementation, data classification, workforce security education and all associated projects.

  • Chief Information Security Officer and Sr. Director, Technology Services

    May 2014 - Aug 2016

  • Director, Information Security and Audit

    Jan 2013 - May 2014
• 

  Kaiser Permanente

  Sept 2016 - Apr 2023

  VP - Technology Risk Management

  Successfully built a “best in class” technology risk management program for the nation’s largest integrated care organization and delivered 5+ years of positive results across enterprise-wide technology risk management services for a $90B integrated health care provider with 250K+ users in eight (8) states.• Fully accountable for building, deploying, and directing a $22M annual budget, industry-leading cybersecurity risk assessment, risk quantification, and risk management program across nine regions nationwide.• Collaborated with the Chief Technology Risk Officer, senior executives, and the Board of Directors to create a roadmap and risk portfolio management structure responsible for strengthening KP’s server and infrastructure security and bolstering application security, regulatory control integration, and third-party risk management involving nearly 65K vendors.• Directed a cybersecurity organization charged with maintaining compliance with HIPAA, HITECH, ISO, PCI, FDA, and various other regulatory standards; led key initiatives responsible for accelerating achievement of Kaiser Permanente’s technology risk management mission; and drove numerous transformative changes through operational and technology innovation, policy development, risk methods and analytics, risk assessment, and risk portfolio management.• Developed and managed a top performing technology risk executive team consisting of three Executive Risk Information Officers, a Risk Assessment Services Executive Director, and Directors of Risk Management and Practices, Risk Data Analytics, Risk Management Operations, and Enterprise Server Vulnerability Governance Director.• Administered a multi-million-dollar technology risk management budget and introduced numerous cost savings and operating efficiencies without impacting risk management operations.• Planned and executed the implementation of privacy and security programs valued in excess of $450M. Show less

• 

  City of Hope National Medical Center

  Apr 2023 - now

  Chief Information Security Officer