Manager of Cybersecurity

JOB SUMMARY

Responsible for managing and coordinating day-to-day cybersecurity plans and activities, including cyber defense, monitoring, and engineering. Leads overall direction and completion of cybersecurity activities, assigns tasks, and manages schedules. Manages, mentors, trains and guides the cybersecurity team. Analyzes cyber events to identify threats and leads defensive actions. Assists in developing the goals, strategy and methodologies of the PeaceHealth cyber defense program in alignment with the overall Information Security program strategy. Prepares detailed briefings of past incidents and creates and delivers presentations on current cyber defense topics to PeaceHealth caregivers and community members as needed.

ESSENTIAL FUNCTIONS

  • Serves as the recognized principal-level expert resource in cybersecurity planning and activities.
  • Leads development and implementation of new information security systems and controls, delivering effective and pragmatic risk-prioritized solutions to pressing cybersecurity problems. Supports development, design, implementation, integration, and on-going maintenance of systems, applications, processes, security solutions and technologies, based on business and technical requirements.
  • Manages the scheduling and assignment of work and priorities. Provides leadership, technical assistance, monitors quality of work, and monitors team projects. Manages, trains and mentors team members. Recommends and provides appropriate staff and manager-level training for the maintenance and enhancement of cybersecurity at PeaceHealth.
  • Analyzes data from information technology and cyber defense tools to identify potential threats and defend PeaceHealth against all forms of deception and attack. Actively monitors network activity to thwart potentially damaging activities.
  • Protects PeaceHealth’s information, information systems, networks and all related people by analyzing public and private information sources to develop effective defensive techniques. Assists and leads efforts to remediate vulnerabilities and works to predict types of attacks most likely to occur in the future.
  • Manages the design and implementation of security response automation, integrating various information and cyber defense tools using scripting languages such as PowerShell and Python to create fast, intelligent responses to common and/or critical cyber incidents.
  • Maintains and administers tools used to defend PeaceHealth against cyberattack and data loss.
  • Participates in the development of plans and techniques to mitigate vulnerabilities and improve defenses. Actively participates in developing the goals, strategy and methodologies of the PeaceHealth cyber defense program in alignment with the overall Information Security program strategy.
  • Performs other duties as required or assigned.

Qualifications

Minimum Education Level: Bachelor's

EDUCATION:

  • Bachelor’s Degree in Computer Science, Healthcare Information Technology, Information Security, or relevant field: or equivalent knowledge and skills obtained through a combination of education, training and experience required.

EXPERIENCE / TRAINING:

  • Minimum of ten years information security experience required.
  • Minimum of two years leadership experience required.
  • Direct experience securing cloud-based Microsoft offerings highly preferred.
  • Technical experience in a multi-datacenter environment with critical, non-stop enterprise applications running in virtual server environments is highly preferred.
  • Health Information experience preferred.

LICENSE / CERTIFICATION:

  • GCIH preferred
  • GCFA preferred
  • CompTIA CASP preferred
  • CISSP preferred
  • GNFA preferred
  • GPEN preferred
  • CompTIA Security+ preferred
  • GSEC – GIAC Security Essentials preferred
  • CEH – Certified Ethical Hacker preferred

KNOWLEDGE / SKILLS / ABILITIES:

  • Knowledge of endpoint protection, intrusion detection, security event monitors, secure proxies, firewalls and other security devices/tools.
  • Knowledge of incident response methodologies.
  • Knowledge of hardware and operating systems.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of adversarial tactics and techniques.
  • Knowledge of cybersecurity, ethics and privacy principles, along with related regulatory requirements.
  • Knowledge of IAM technologies (Directories, SSO, SCIM, etc.)
  • Ability to collect and analyze data to guide decision making.
  • Ability to interpret the information collected by network tools, such as Traceroute, Ping, packet captures, etc.
  • Ability to analyze and categorize vulnerabilities in information systems.
  • Ability to organize, standardize, and manage detailed information.
  • Ability to work collaboratively and effectively in and between teams.
  • Ability to prioritize, managing multiple competing work efforts.
  • Strong self-motivation.
Posted: November 14, 2019
<< Back to Job-Board