Essentia Health
Information Security Operations Manager
Essentia Health, Duluth, Minnesota, United States, 55806
Job Description
The Security Operations Manager is responsible for overseeing all security operations to protect the organization’s assets and infrastructure. This role includes managing the SecOps team, ensuring effective collaboration with third-party Security Operations Centers (SOC), and ensuring the organization’s security tools, policies, and incident response capabilities are fully operational and aligned with industry best practices.
Education Qualifications:
Key Responsibilities:
Manage Security Operations Team: Lead and mentor a team of security operations analysts, ensuring optimal performance, professional development, and alignment with organizational goals
Managed Security Service Provider Management: Act as the primary liaison with the organization’s MSSP, ensuring service-level agreements (SLAs) are met, and facilitating seamless communication for threat detection and response
Incident Response: Develop and maintain the organization's incident response plan, ensuring timely detection, analysis, containment, and remediation of security incidents. Ensure visibility of technology for incident detection and response purposes
Security Toolset Operation: Oversee the operation and integration of security technologies, including SIEM, endpoint detection, vulnerability scanners, and firewalls, ensuring tools are up-to-date and functioning effectively
Secure System Configuration: Ensure systems are configured securely by working closely with IT teams to enforce secure design, build, and maintenance practices
Policy Implementation and Enforcement: Collaborate with the GRC team to ensure security policies, procedures, and standards are effectively implemented and adhered to across the organization
Threat Intelligence and Monitoring: Ensure continuous monitoring and analysis of the organization's systems to detect any potential security threats, vulnerabilities, or breaches
Compliance and Audit Support: Work with compliance teams to ensure security operations align with regulatory requirements and industry standards, providing necessary documentation for audits and assessments
Risk Management: Assess and mitigate risks by identifying and addressing vulnerabilities and implementing corrective actions or security controls as needed
Training and Awareness: Provide training and guidance to internal teams on secure practices and emerging threats to foster a culture of security awareness
Educational Requirements: Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent experience)
Required Qualifications:
5+ years of experience in security operations or related field, with 2+ years in a managerial or lead role
Strong knowledge of security frameworks, incident response processes, and security tools (e.g., SIEM, IDS/IPS, firewalls)
Excellent leadership, communication, and problem-solving skills
Ability to work in a fast-paced, dynamic environment and respond to changing threats
Preferred Qualifications:
Relevant certifications such as CISSP, CISM, or GIAC
Experience working with third-party MSSPs and managing SLAs
Healthcare IT Experience: Experience working in the healthcare industry, with a strong understanding of HIPAA compliance, electronic health record (EHR) systems, and the unique security challenges in healthcare environments
Job Location:
Peerless Building
Shift Rotation:
Day Rotation (United States of America)
Shift Start/End:
/
Hours Per Pay Period: Compensation Range: Union: FTE:
1
Weekends: Call Obligations: Sign On Bonus: