Piedmont Healthcare
Manager, Info Security - Cyber
Piedmont Healthcare, Atlanta, Georgia, United States, 30383
Description:JOB PURPOSE:This position is responsible for protecting the confidentiality, integrity, and availability of Piedmont Healthcare IT systems and data. The role's core responsibilities will be to manage the Cyber Incident Response and the Vulnerability Management teams to successfully meet objectives set by the Director of Information Security and/or the CISO. Responsibilities include: creating and tracking key performance metrics, being an escalation point for security incidents, and managing individual analyst responsibilities to ensure the teams are successful in their initiatives to support the Information Security mission.KEY RESPONSIBILITIES:
Oversee and lead analysts to successfully detect, protect, and respond to security threats against Piedmont Healthcare by managing security analysts through cyber investigations and threat hunting/monitoring workflows.Escalate security threats to senior leadership as needed.Drive remediation within and outside of the Cyber Incident Response team.Drive remediation of vulnerabilities across the enterprise with senior leadership.Communicate key performance metrics to leadership.Collaborate with other IT teams to protect Piedmont Healthcare.Set and ensure standard operating procedures are followed by security analysts.Manage the execution of security tests and apply lessons learned from incidents and security tests.Provide management of security analysts' tasks as well as conflict resolution if/when necessary.Build strong security analysts through security initiatives and training.Be an escalation point for security incidents.Provide 24/7 support as needed for security.Manage security operation activities through a 3rd party partner.Test business continuity planning (BCP) and disaster recovery (DR) with other IT teams across the enterprise.Oversee and manage projects to completion.KNOWLEDGE, SKILLS, ABILITIES:Great problem-solving skills and security instincts. Exposure to one or more security concentrations: endpoint protection, data loss prevention, identity and access management, application security, cryptography, or network security. Ability to perform log review and provide recommendations for remediation of threats. Deep understanding of NIST security frameworks. Understanding of MITRE security frameworks. Team oriented and ability to motivate team members. Ability to manage conflicting priorities and multiple tasks. Strong soft skills while providing feedback, handling an investigation, or priority 1 security incident. Keen attention to detail. Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel. Proven ability to lead and motivate team members. Ability to be a self-starter. Ability to lead through accountability with delegated responsibilities.MINIMUM EDUCATION REQUIRED:Bachelor's degree in Computer Science, Information Technology, or a closely related field is required.MINIMUM EXPERIENCE REQUIRED:Five (5) years of progressively responsible professional work experience in information security related to one or more of the following: endpoint security, incident response, security operations, and security vulnerability remediation, including three (3) years of experience in a direct management, lead, or supervisory role.MINIMUM LICENSURE/CERTIFICATION REQUIRED:Certified in one or more of the following areas: Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials Certified (GSEC), EC-Council Certified Ethical Hacker, ISC2 Healthcare Certified Information Security System Practitioner (HCISSP), or other security-related certifications.ADDITIONAL QUALIFICATIONS:Threat modeling and healthcare experience. Strong knowledge of one or more of the following: HIPAA, HITECH, HITRUST, NIST, or ISO. Collaboration among technical teams demonstrated throughout career. Leadership skills demonstrated through project or technical leadership experience including effective knowledge sharing, conflict resolution facilitation of open discussions, fairness, and displaying appropriate levels of assertiveness. Excellent verbal, written, and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines, including business leaders/managers, IT engineering, IT operations, administrators, physicians, nurses, allied health workers, and patient care systems users. Strong leadership abilities, with the capability to develop and guide information security team members and work with minimal supervision.
#J-18808-Ljbffr
Oversee and lead analysts to successfully detect, protect, and respond to security threats against Piedmont Healthcare by managing security analysts through cyber investigations and threat hunting/monitoring workflows.Escalate security threats to senior leadership as needed.Drive remediation within and outside of the Cyber Incident Response team.Drive remediation of vulnerabilities across the enterprise with senior leadership.Communicate key performance metrics to leadership.Collaborate with other IT teams to protect Piedmont Healthcare.Set and ensure standard operating procedures are followed by security analysts.Manage the execution of security tests and apply lessons learned from incidents and security tests.Provide management of security analysts' tasks as well as conflict resolution if/when necessary.Build strong security analysts through security initiatives and training.Be an escalation point for security incidents.Provide 24/7 support as needed for security.Manage security operation activities through a 3rd party partner.Test business continuity planning (BCP) and disaster recovery (DR) with other IT teams across the enterprise.Oversee and manage projects to completion.KNOWLEDGE, SKILLS, ABILITIES:Great problem-solving skills and security instincts. Exposure to one or more security concentrations: endpoint protection, data loss prevention, identity and access management, application security, cryptography, or network security. Ability to perform log review and provide recommendations for remediation of threats. Deep understanding of NIST security frameworks. Understanding of MITRE security frameworks. Team oriented and ability to motivate team members. Ability to manage conflicting priorities and multiple tasks. Strong soft skills while providing feedback, handling an investigation, or priority 1 security incident. Keen attention to detail. Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel. Proven ability to lead and motivate team members. Ability to be a self-starter. Ability to lead through accountability with delegated responsibilities.MINIMUM EDUCATION REQUIRED:Bachelor's degree in Computer Science, Information Technology, or a closely related field is required.MINIMUM EXPERIENCE REQUIRED:Five (5) years of progressively responsible professional work experience in information security related to one or more of the following: endpoint security, incident response, security operations, and security vulnerability remediation, including three (3) years of experience in a direct management, lead, or supervisory role.MINIMUM LICENSURE/CERTIFICATION REQUIRED:Certified in one or more of the following areas: Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials Certified (GSEC), EC-Council Certified Ethical Hacker, ISC2 Healthcare Certified Information Security System Practitioner (HCISSP), or other security-related certifications.ADDITIONAL QUALIFICATIONS:Threat modeling and healthcare experience. Strong knowledge of one or more of the following: HIPAA, HITECH, HITRUST, NIST, or ISO. Collaboration among technical teams demonstrated throughout career. Leadership skills demonstrated through project or technical leadership experience including effective knowledge sharing, conflict resolution facilitation of open discussions, fairness, and displaying appropriate levels of assertiveness. Excellent verbal, written, and interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines, including business leaders/managers, IT engineering, IT operations, administrators, physicians, nurses, allied health workers, and patient care systems users. Strong leadership abilities, with the capability to develop and guide information security team members and work with minimal supervision.
#J-18808-Ljbffr