Manager, Info Security - Cyber
Atlanta, Georgia
Employer: Piedmont Healthcare
Industry: Professional
Salary: Competitive
Job type: Full-Time
Description:
JOB PURPOSE:
This position is responsible for protecting the confidentiality, integrity, and availability of Piedmont Healthcare IT systems and data. The roles core responsibilities will be to manage the Cyber Incident Response and the Vulnerability Management teams to successfully meet objectives set by the Director of Information Security and/or the CISO. Responsibilities include: creating and tracking key performance metrics, be an escalation point for security incidents, and manage individual analyst responsibilities to ensure the teams are successful in their initiatives to support the Information Security mission.
KEY RESPONSIBILITIES:
1. Oversee and lead analysts to successfully detect, protect, and respond to security threats against Piedmont Healthcare by managing security analysts through cyber investigations and threat hunting/monitoring workflows.
2. Escalate security threats to senior leadership as needed.
3. Drive remediation within and outside of the Cyber Incident Response team.
4. Drive remediation of vulnerabilities across the enterprise with senior leadership.
5. Communicate key performance metrics to leadership.
6. Collaborate with other IT teams to protect Piedmont Healthcare.
7. Set and ensure standard operating procedures are followed by security analysts.
8. Manage the execution of security tests and apply lessons learned from incidents and security tests.
9. Provide management of security analysts tasks as well as conflict resolution if/when necessary.
10. Build strong security analysts through security initiatives and training.
11. Be an escalation point for security incidents.
12. Provide 24/7 support as needed for security.
13. Manage security operation activities through a 3rd party partner.
14. Testing business continuity planning (BCP) and disaster recovery (DR) with other IT teams across the enterprise.
15. Oversee and manage projects to completion.
KNOWLEDGE, SKILLS, ABILITIES
Great problem-solving skills and security instincts.
Exposure to one or more security concentration endpoint protection, data loss prevention, identity and access management, application security, cryptography, or network security.
Ability to perform log review and provide recommendations for remediation of threat.
Deep understanding of NIST security frameworks.
Understanding of MITRE security frameworks.
Team oriented and ability to motivate team members.
Ability to manage conflicting priorities and multiple tasks.
Strong soft skills while providing feedback, handling an investigation or priority 1 security incident.
Keen attention to detail.
Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel.
Proven ability to lead and motivate team members.
Ability to be a self-starter.
Ability to lead through accountability with delegated responsibilities.
Ability to manage conflicting priorities and multiple tasks.
#LI-POST #GD
Qualifications:
MINIMUM EDUCATION REQUIRED:
Bachelor's degree in Computer Science, Information Technology, or a closely related field is required.
MINIMUM EXPERIENCE REQUIRED:
Five (5) years of progressively responsible professional work experience in information security related to one or more of the following: endpoint security, incident response, security operations, and security vulnerability remediation, to include three (3) years of experience in a direct management, lead, or supervisory role.
MINIMUM LICENSURE/CERTIFICATION REQUIRED:
Certified in one or more of the following area(s): Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials Certified (GSEC), EC-Council Certified Ethical Hacker, ISC2 Healthcare Certified Information Security System Practitioner (HCISSP), or other Security related certifications.
ADDITIONAL QUALIFICATIONS:
Threat Modeling and healthcare experience.
Strong knowledge of one or more of the following; HIPAA, HITECH, HITRUST, NIST, or ISO.
Collaboration among technical teams demonstrated throughout career.
Leadership skills demonstrated through project or technical leadership experience including effective
knowledge sharing, conflict resolution facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines, including business leaders/managers, IT engineering, IT operations, administrators, physicians, nurses, allied health workers, and patient care systems users.
Strong leadership abilities, with the capability to develop and guide information security team members and work with minimal supervision.
JOB PURPOSE:
This position is responsible for protecting the confidentiality, integrity, and availability of Piedmont Healthcare IT systems and data. The roles core responsibilities will be to manage the Cyber Incident Response and the Vulnerability Management teams to successfully meet objectives set by the Director of Information Security and/or the CISO. Responsibilities include: creating and tracking key performance metrics, be an escalation point for security incidents, and manage individual analyst responsibilities to ensure the teams are successful in their initiatives to support the Information Security mission.
KEY RESPONSIBILITIES:
1. Oversee and lead analysts to successfully detect, protect, and respond to security threats against Piedmont Healthcare by managing security analysts through cyber investigations and threat hunting/monitoring workflows.
2. Escalate security threats to senior leadership as needed.
3. Drive remediation within and outside of the Cyber Incident Response team.
4. Drive remediation of vulnerabilities across the enterprise with senior leadership.
5. Communicate key performance metrics to leadership.
6. Collaborate with other IT teams to protect Piedmont Healthcare.
7. Set and ensure standard operating procedures are followed by security analysts.
8. Manage the execution of security tests and apply lessons learned from incidents and security tests.
9. Provide management of security analysts tasks as well as conflict resolution if/when necessary.
10. Build strong security analysts through security initiatives and training.
11. Be an escalation point for security incidents.
12. Provide 24/7 support as needed for security.
13. Manage security operation activities through a 3rd party partner.
14. Testing business continuity planning (BCP) and disaster recovery (DR) with other IT teams across the enterprise.
15. Oversee and manage projects to completion.
KNOWLEDGE, SKILLS, ABILITIES
Great problem-solving skills and security instincts.
Exposure to one or more security concentration endpoint protection, data loss prevention, identity and access management, application security, cryptography, or network security.
Ability to perform log review and provide recommendations for remediation of threat.
Deep understanding of NIST security frameworks.
Understanding of MITRE security frameworks.
Team oriented and ability to motivate team members.
Ability to manage conflicting priorities and multiple tasks.
Strong soft skills while providing feedback, handling an investigation or priority 1 security incident.
Keen attention to detail.
Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel.
Proven ability to lead and motivate team members.
Ability to be a self-starter.
Ability to lead through accountability with delegated responsibilities.
Ability to manage conflicting priorities and multiple tasks.
#LI-POST #GD
Qualifications:
MINIMUM EDUCATION REQUIRED:
Bachelor's degree in Computer Science, Information Technology, or a closely related field is required.
MINIMUM EXPERIENCE REQUIRED:
Five (5) years of progressively responsible professional work experience in information security related to one or more of the following: endpoint security, incident response, security operations, and security vulnerability remediation, to include three (3) years of experience in a direct management, lead, or supervisory role.
MINIMUM LICENSURE/CERTIFICATION REQUIRED:
Certified in one or more of the following area(s): Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials Certified (GSEC), EC-Council Certified Ethical Hacker, ISC2 Healthcare Certified Information Security System Practitioner (HCISSP), or other Security related certifications.
ADDITIONAL QUALIFICATIONS:
Threat Modeling and healthcare experience.
Strong knowledge of one or more of the following; HIPAA, HITECH, HITRUST, NIST, or ISO.
Collaboration among technical teams demonstrated throughout career.
Leadership skills demonstrated through project or technical leadership experience including effective
knowledge sharing, conflict resolution facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines, including business leaders/managers, IT engineering, IT operations, administrators, physicians, nurses, allied health workers, and patient care systems users.
Strong leadership abilities, with the capability to develop and guide information security team members and work with minimal supervision.
Created: 2024-08-22
Reference: 1117727
Country: United States
State: Georgia
City: Atlanta
ZIP: 30334