Summary of Position

• Responsible for working with our Managed Security Services vendors to ensure the services being delivered are in accordancewith best (industry level) practices, especially in terms of assessments, monitoring, prevention, detection, response,mitigation, etc.
• Key focus areas: the Security Operations Center (SOC), Incident Response, Perimeter Security, Security Assessments(Red/Purple Teaming, Penetration Testing), and other cybersecurity services as necessary.
• Provide critical governance to our Managed Security Services vendors; identify and ensure implementation of securesolutions in focus areas.

Principal Accountabilities

• Responsible for managing relationships with our Managed Security Services vendors, ensuring effective delivery ofsecurity services for focus areas, including adherence to SLAs, KPIs, and contractual obligations while addressingservice gaps and driving continuous improvement.
• Oversee and drive our Managed Security Services vendor’s Security Operations and Incident Response functions,ensuring proper detection, investigation, and response to security incidents in alignment with corporate policies andstandards. Analyze trends and drive improvements in service effectiveness and threat mitigation.
• Review and assess security changes proposed and implemented by Managed Security Services vendors, ensuringalignment with enterprise security policies, standards, and architectural best practices. Provide guidance to refinesolution as needed and approve changes that meet security and compliance requirements.
• Lead security assessments, including Purple Teaming, Red Teaming, and penetration testing, ensuring that identifiedsecurity gaps and deficiencies are remediated.
• Enhance security operations by integrating industry best practices, emerging threats, and lessons learned fromsecurity incidents and security assessments, and identifying, recommending, and implementing new securitysolutions

Qualifications

Education, Training, Licenses, Certifications

• Bachelor’s Degree in a relevant Information Technology field of study, such as computer/software engineering, projectmanagement or equivalent experience initiatives.
• Master’s degree in computer science, information technology or business preferred.
• Technical certifications in related areas preferred.
• Project Management (PMI) or Six Sigma/related certification preferred.

Relevant Work Experience, Knowledge, Skills, and Abilities

• 10 – 12+ years of relevant, professional work experience, preferably in a healthcare provider environment.
• 8+ years’ information security experience.
• 5+ years working with in an outsourced environment.
• Proven management skills, as well as strong leadership skills, with the ability to lead technical teams.
• In depth knowledge of Microsoft Office suite and standard business applications.
• Demonstrated knowledge of standard networking protocols, computing operating systems, & LAN/WAN topology.
• Must be able to gain a technical understanding of emerging technologies.
• Ability to effectively and efficiently manage multiple projects and efforts simultaneously, including ability to set appropriatepriorities for effect timely completion of numerous concurrent tasks and projects within defined resource limitations.
• Demonstrated ability to form and maintain collaborative partnerships across a complex organization with diverseconstituencies; ability to build consensus on complex and sometimes controversial subjects
• Proven ability to work with technology vendors in the delivery of project solutions.
• Industry level knowledge of technology and IT market trends.
• Experience with Software Licensing and contract management.
• Exceptional communication skills, both oral and written; the ability to communicate effectively by adapting approach,language and style to a wide variety of audiences, including stakeholders that are both technical and non-technical; ability to
• grasp and communicate the big picture while remaining conversant with details.

Additional Information

• Requisition ID: 1000002648
• Hiring Range: $113,400-$210,600

• Responsible for managing relationships with our Managed Security Services vendors, ensuring effective delivery ofsecurity services for focus areas, including adherence to SLAs, KPIs, and contractual obligations while addressingservice gaps and driving continuous improvement.
• Oversee and drive our Managed Security Services vendor’s Security Operations and Incident Response functions,ensuring proper detection, investigation, and response to security incidents in alignment with corporate policies andstandards. Analyze trends and drive improvements in service effectiveness and threat mitigation.
• Review and assess security changes proposed and implemented by Managed Security Services vendors, ensuringalignment with enterprise security policies, standards, and architectural best practices. Provide guidance to refinesolution as needed and approve changes that meet security and compliance requirements.
• Lead security assessments, including Purple Teaming, Red Teaming, and penetration testing, ensuring that identifiedsecurity gaps and deficiencies are remediated.
• Enhance security operations by integrating industry best practices, emerging threats, and lessons learned fromsecurity incidents and security assessments, and identifying, recommending, and implementing new securitysolution