Joy Poletti

Currently serving as the CISO at Mosaic Life Care. Responsible for building the cybersecurity program including Governance Risk and Compliance, Identity Access Management, Cybersecurity Operations, and Threat Management/ Incident Response. I served as the Vice President of Access Governance, Operations, and Program Delivery for Commonspirit, one of the nation’s largest health systems. In this role I was responsible for identity and access management processes across the organization which includes provisioning, de-provisioning, access reviews, role-based access, and operational support of identity solutions. This includes governance for a managed service provider of over 100 resources. I developed and implemented the firewall governance program to ensure security controls are identified, implemented, monitored and measured to ensure the risk of inappropriate network access is addressed. I built the cybersecurity business operations program and managed program delivery. This includes the centralized management of all cybersecurity projects, and the cybersecurity strategy to ensure it is staffed appropriately, aligned with financials, delivered timely, and measured. I began my career at Commonspirit in 2011 and have an extensive background in cybersecurity, building the Security Compliance and Risk capability for CHI, leading the shift to outsource the IAM provisioning capability and the development of IAM governance to ensure access was provided timely and securely, and leading various Security Operations functions, always looking for opportunities to expand my security knowledge base with the ever-changing cybersecurity threat environment My strengths include strategy development, key stakeholder engagement for problem solving, project implementation, and governance and metrics to measure progress. Prior to my career with Commonspirit, I led multiple security initiatives at First Data, and started my career in Computer Risk Management with Arthur Andersen.