INTRODUCTION

Experience the HCA Healthcare difference where colleagues are trusted, valued members of our healthcare team. Grow your career with an organization committed to delivering respectful, compassionate care, and where the unique and intrinsic worth of each individual is recognized. Submit your application for the opportunity below:Manager Information SecurityHCA Healthcare

NOTE: ELIGIBILITY FOR BENEFITS MAY VARY BY LOCATION.

We are seeking a(an) Manager Information Security for our team to ensure that we continue to provide all patients with high quality, efficient care. Did you get into our industry for these reasons? We are an amazing team that works hard to support each other and are seeking a phenomenal addition like you who feels patient care is as meaningful as we do. We want you to apply!

JOB SUMMARY AND QUALIFICATIONS

The Manager of Information Security Consulting will oversee and guide a high-performing team of security professionals responsible for providing security assessment, threat modeling, and security design consulting services, that results in implementation of effective security controls to enable a compliant and cyber-resilient technological and business environment.

• This leader will facilitate risk-based decision making and cultivate partnership across Business, Information Protection & Security, and IT to enable compliant and cyber-resilient deployment of digital assets that are in alignment with organizational objectives and regulatory obligations. Staying updated on technology & threat trends, business strategy and adapting the team’s services and processes to deliver effective outcomes is a crucial responsibility of this position.
• This leader will have responsibilities for optimizing & streamlining work management including establishing Metrics/SLA/KPI to monitor and improve performance & to deliver robust outcomes in alignment with stakeholder needs. This person will partner with his team colleagues to develop and track individual professional development plans to support their career growth aspirations.
• This leader will drive standardization and improvements in security assessment processes leveraging their experience in established industry standards and frameworks (including NIST, ISO27001, CIS) ensuring compliance with regulatory requirements and alignment with organizational risk management objectives.
• This role is ideally suited for an individual who thrives at the intersection of technical excellence, strategic thinking, people centric leadership, and ability to deliver high-quality outcomes – someone who can inspire and elevate a highly performing team through disciplined execution, stellar thought, and people leadership.

RELEVANT WORK EXPERIENCE

• 7+ years

MANAGEMENT EXPERIENCE

• 3+ years

EDUCATION

• Bachelor’s Degree Required

OTHER/SPECIAL QUALIFICATIONS

• 10+ years of experience in Information Technology
• 7+ years of experience operating in large organizations and adapting to their culture
• 7+ years of measurable success in information security disciplines within large organizations
• Expert knowledge and use of information security principles, standards, practices, and technologies
• Strong business acumen, deep critical thinking, and decision-making skills
• Proven record of delivering critical projects with challenging deadlines, interacting with multiple stakeholders’ groups, and competing priorities
• Demonstrated record as a strong, collaborative technical leader with the ability to think analytically and creatively to solve complex problems
• Provide technical leadership and contribute to departments’ strategic planning and roadmap development
• Proven and fast decision-making ability with strong discussion and facilitation skills in meetings
• Excellent multi-tasking, prioritization, and time management skills
• Effective communication and public speaking skills, can present to large audiences or upper management effectively
• Proven executive presence
• Proven strong background in evaluating and improving security in IT Security and Operational processes
• Able to discuss and demonstrate deep understanding of information security threat and vulnerability detection, risk assessment, risk management, and risk reduction procedures
• Possesses strong conflict management skills
• Experience working in a healthcare environment securing clinical applications and information is a preferred
• Experience and or Technical Training may be substituted for education
• Certifications such as CISSP, CISM, SABSA, or equivalent preferred

KEY RESPONSIBILITIES

• Services Oversight: Manage the daily operations of the security consulting team & ensure delivery of quality outcomes that are in alignment with stakeholders and organizational needs.
• Establish and Mature Threat Modeling Practices: Ensure consistent application of threat modeling methodologies during the design and development lifecycle to proactively identify security risks and drive secure design decisions.
• Security Assessment & Consulting Services: Drive standardization of artifacts and deliverables and partner with risk management to drive resolution of security risks discovered through consulting and assessment services.
• Process Improvement: Identify and implement improvements in services, processes, and reporting methods. Lead initiatives to mature consulting services and streamline engagement models.
• Metrics and Reporting: Establish and monitor Metrics/KPI/SLA related to security consulting services. Provide regular updates and insights to leadership on team performance and enterprise risk posture.
• Cross-Functional Collaboration: Partner with Security Architecture, Cyber Operations, Compliance, Risk Management, Identity and Access Management, Cloud Engineering, and other internal teams to ensure coordinated and effective delivery of security initiatives.
• Continuous Learning and Knowledge Sharing: Update job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
• Team Development: Foster team cohesiveness and nurture a high performing culture. Mentor team colleagues by providing coaching, career growth guidance and creating structured opportunities for skill development. Provide thought leadership to advance the capabilities of the team
• Proactive Communication: Demonstrate the ability to proactively communicate important updates and issues to management in a timely manner. Success is measured by the frequency and relevance of updates provided, ensuring management is well-informed and able to make strategic decisions based on accurate and current information.

The Manager of Information Security Consulting will oversee and guide a high-performing team of security professionals responsible for providing security assessment, threat modeling, and security design consulting services, that results in implementation of effective security controls to enable a compliant and cyber-resilient technological and business environment.

• This leader will facilitate risk-based decision making and cultivate partnership across Business, Information Protection & Security, and IT to enable compliant and cyber-resilient deployment of digital assets that are in alignment with organizational objectives and regulatory obligations. Staying updated on technology & threat trends, business strategy and adapting the team’s services and processes to deliver effective outcomes is a crucial responsibility of this position.
• This leader will have responsibilities for optimizing & streamlining work management including establishing Metrics/SLA/KPI to monitor and improve performance & to deliver robust outcomes in alignment with stakeholder needs. This person will partner with his team colleagues to develop and track individual professional development plans to support their career growth aspirations.
• This leader will drive standardization and improvements in security assessment processes leveraging their experience in established industry standards and frameworks (including NIST, ISO27001, CIS) ensuring compliance with regulatory requirements and alignment with organizational risk management objectives.
• This role is ideally suited for an individual who thrives at the intersection of technical excellence, strategic thinking, people centric leadership, and ability to deliver high-quality outcomes – someone who can inspire and elevate a highly performing team through disciplined execution, stellar thought, and people leadership