Cybersecurity Operations Incident Response Manager

POSITION SUMMARY:

This position functions as the manager of the corporate security operations and incident response teams and requires understanding the IT infrastructure in place at Milliman offices to ensure appropriate security measures are in place to prevent security breaches. The position has IS engineer direct reports responsible for security infrastructure and works in collaboration with the Manager of IT Operations & Infrastructure to recommend physical and technical information security best practices. The position also manages and collaborates with the corporate privacy office to address privacyrelated events. The position reports to the Chief Information Security Officer (CISO).

The Cybersecurity & Incident Response Manager will be responsible for supervising staff and executing IT Security projects. This position oversees the technical work of information security operations and incident response personnel. Additionally this position will occasionally serve as a project or crossfunctional team lead to ensure highquality communications and technical delivery of the work being performed. The Cybersecurity & Incident Response Manager will set performance expectations for direct reports and provide constructive performance feedback on a regular basis.

RESPONSIBILITIES:

• Operational oversight of cybersecurity solutions including SIEM MSSP firewall VPN infrastructure secure web gateway etc.
• Manage activities of corporate security operations and program management of information security initiatives with IT personnel across Milliman practices and disciplines.
• Manage activities of the incident response team and track and assist with mitigation of technical security incidents across the organization through resolution.
• Support prioritization and delivery of security audit artifacts for internal and external security audits.
• Develop and maintain metrics that quantify and monitor key process indicators (KPIs).
• Coach staff in the practices of security related requirements and provide guidance in the course of implementation and other changes.
• Keep up to date on information security threats and countermeasures and advise technical staff.
• Recommend security enhancements and purchases consistent with information security strategy and evolving threats.

SKILLS & QUALIFICATIONS REQUIRED:

• Bachelors degree: candidates must possess significant analytical skills evolved from academic training in Computer Science Computer Engineering or Information Systems.
• The ideal candidate must have minimum 8 years of business experience in the areas of Information Security.
• The ideal candidate must have at least one of the certifications: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
• The ideal candidate must have previous experience with ISO 27001/2 HIPAA HITRUST and other industry regulatory controls and compliance preferred.
• The ideal candidate must have previous experience with cloud security control design and management.
• The ideal candidate must have working knowledge of security areas such as Auditing Policy Database Security Firewall Design and Implementation Risk Analysis Identity Management Access Management or Web Services.
• The ideal candidate must have prior experience supervising and professional development of staff in the Information Security field.
• Must have prior experience working with geographically diverse offices in a global organization.
• Must have the ability to handle multiple projects.
• Must have the ability to interpret information security data and processes to identify potential compliance issues.
• Must have the ability to clearly and effectively communicate Information Security matters to executives auditors and endusers.
• Must have the ability to work effectively and organize priorities independently.
• Must have the decisionmaking and problemsolving skills including the ability to clearly define and resolve issues.
• Must have excellent verbal and written communication skills including the ability to prepare documentation policies and build consensus across a broad group.
• Must have writing and interpersonal communication skills are expected to be of high quality.
• Must have excellent time management skills including the ability to prepare prioritize and complete work plans.

SKILLS & QUALIFICATIONS PREFERRED:

• GIAC Certified Incident Handler (GCIH) or ECCouncil Certified Incident Handler (ECIH)
• Experience within consulting or professional service organizations.

LOCATION:

This is a Seattle based role. The person in this role is expected to live within commutable distance to Millimans Seattle office.

COMPENSATION:

The salary range for this role is $163000 $254000 depending on a combination of factors including but not limited to education relevant work experience qualifications skills certifications location etc.

BENEFITS:

At Milliman we focus on creating an environment that recognizes and meets the personal and professional needs of the individual and their family. We offer competitive benefits which include the following based on plan eligibility:

• Medical dental and vision coverage for employees and their dependents including domestic partners.
• A 401(k) plan with matching program and profitsharing contribution.
• Employee Assistance Program (EAP).
• A discretionary bonus program.
• Paid Time Off (PTO) starts accruing on the first day of work and can be used for any reason; fulltime employees will accrue 15 days of PTO per year and employees working less than a fulltime schedule will accrue PTO at a prorated amount based on hours worked.
• Family building benefits including adoption and fertility assistance and paid parental leave up to 12 weeks for employees who have worked for Milliman for at least 12 months and have worked at least 1250 hours in the preceding 12month period.
• Commuter Program which allows you to use pretax dollars to pay for your parking or public transit expenses to get to and from work. You may utilize this benefit any time throughout the year and funds will be available the first of the month following your first contribution.
• A minimum of 8 paid holidays.
• Milliman covers 100 of the premiums for life insurance AD&D and both shortterm and longterm disability coverage.
• Flexible spending accounts allow employees to set aside pretax dollars to pay for dependent care transportation and applicable medical needs.

ABOUT MILLIMAN:

Independent for over 75 years Milliman delivers marketleading services and solutions to clients worldwide. Today we are helping companies take on some of the worlds most critical and complex issues including retirement funding and healthcare financing risk management and regulatory compliance data analytics and business transformation.

Through a team of professionals ranging from actuaries to clinicians technology specialists to plan administrators we offer unparalleled expertise in employee benefits investment consulting healthcare life insurance and financial services and property and casualty insurance.

EQUAL OPPORTUNITY:

All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability or status as a protected veteran.

Required Experience:

Manager