Cyber Security Incident Response Manager

Mosaic Health is a national care delivery platform focused on expanding access to comprehensive primary care for consumers with coverage across Commercial Individual Exchange Medicare and Medicaid health plans. The Business Units which comprise Mosaic Health are multipayer and serve nearly one million consumers across 19 states providing them with access to high quality primary care integrated care teams personalized navigation expanded digital access and specialized services for higherneed populations. Through Mosaic Health health plans and employers have an even stronger care provider partner that delivers affordability and superior experiences for their members and employees including valuebased primary care capacity integrated with digital patient engagement and navigation. Each of the companies within Mosaic Health provide unique offerings that together promise to improve individuals health and wellbeing while helping care providers deliver higher quality care. For more information please visit or follow Mosaic Health on LinkedIn.

Formed in 2008 and headquartered in Fort Myers Florida with offices in Florida North Carolina and Texas
Millennium Healthcare is the largest independent physician group in the state of Florida and one of the largest in the United States. At Millennium Physician Group our employees are the foundation of our success. Our promise is to provide you with the tools to do your job successfully as well as providing a team atmosphere that empowers you to seek better ways to deliver care to our patients and their families. We also promise to care for you as an individual and help you grow in your role.

The Cyber Security Incident Response Manager will support all business units within Mosaic Health and is responsible for overseeing the organizations response to cyber security incidents ensuring the effective detection containment remediation and recovery of systems following security events. This role involves leading a team of Incident Response Specialists coordinating with other security teams and driving incident response efforts to minimize the impact of breaches while maintaining regulatory compliance. The Cyber Security Incident Response Manager is responsible for developing implementing and continuously improving the incident response strategy to protect the organizations data systems and reputation.

This position requires strong leadership expert knowledge of incident response methodologies and the ability to manage highstakes situations while ensuring effective communication across internal teams and external stakeholders.

Responsibilities

Lead and manage the incident response team including Incident Response Specialists to ensure
prompt and effective handling of cyber security incidents and breaches.
Develop implement and continuously improve the organizations incident response plans
playbooks and protocols ensuring they align with industry standards and best practices.
Coordinate crossfunctional response efforts working closely with IT legal compliance risk
management communications and executive teams during cyber security incidents.
Oversee the identification analysis containment and remediation of security incidents ensuring
timely recovery and minimum impact on business operations.
Conduct postincident reviews to evaluate the effectiveness of response efforts document lessons
learned and identify opportunities for improving incident management strategies and security
posture.
Monitor and evaluate emerging cyber threats and develop strategies to mitigate risks ensuring that
the incident response team is prepared for evolving attack vectors.
Ensure compliance with regulatory requirements (e.g. HIPAA PCIDSS) during incident response
reporting and documentation processes.
Establish metrics and KPIs for incident response activities tracking and reporting on response times
incident volumes and improvements in security posture over time.
Lead the development of training programs and simulation exercises (e.g. tabletop exercises) to
keep incident response personnel prepared for various types of security incidents.
Oversee security monitoring tools and incident detection systems (e.g. SIEM IDS/IPS firewalls)
ensuring they are configured correctly and tuned to detect and respond to potential threats.
Act as the primary point of contact for highpriority incidents and escalations ensuring prompt and
efficient resolution.
Foster a securityaware culture within the organization by working with HR internal communications and training teams to raise awareness of security best practices and ensure that all staff understand their role in incident detection and reporting.
Collaborate with the Executive Team and other business units to align incident response strategies with business continuity plans and risk management efforts.
Maintain relationships with external vendors law enforcement and thirdparty incident response firms ensuring effective collaboration during major security incidents.
Stay up to date with cyber security threats trends and emerging technologies to enhance the organizations response capabilities and tools.
Lead forensic investigations (in collaboration with incident response specialists and forensic experts)
to determine the root cause of security incidents and help mitigate future risks.
Report on the status of incident response efforts provide regular updates to senior leadership and
document and share postincident reports.
Demonstrate excellent guest service to internal team members and patients.
Perform other related duties as assigned.

Qualifications

Bachelors degree in cyber security Information Technology Computer Science or a related field.
5 years of experience in cyber security incident response or related IT security roles with at least
2 years of experience in a leadership or managerial role.
Deep understanding of incident response frameworks (e.g. NIST SANS MITRE ATT&CK) and cyber
security best practices for managing and responding to security incidents.
Experience in forensic investigation including tools and techniques for memory analysis network
traffic analysis and log correlation.
Strong knowledge of network security firewalls IDS/IPS SIEM systems (e.g. Splunk LogRhythm)
and other tools used for detecting and responding to incidents.
Experience with cloud security and incident response in cloud environments (e.g. AWS Azure).
Experience with regulatory compliance requirements (e.g. HIPAA PCIDSS) as they relate to cyber
security and incident reporting.
Excellent leadership and communication skills with the ability to manage highpressure situations
coordinate diverse teams and communicate effectively with senior leadership and external
stakeholders.
Strong analytical skills with the ability to assess security incidents and devise strategies to prevent
recurrence.
Certifications preferred: Certified Information Systems Security Professional (CISSP) Certified
Incident Handler (GCIH) Certified Ethical Hacker (CEH) Certified Information Security Manager
(CISM) or similar.
Project management experience particularly in managing complex crossfunctional efforts during
highstakes incidents.
Ability to work independently in a fastpaced crossfunctional environment.
A commitment to providing excellent service to internal team members and patients.
High level of professionalism and integrity in all interactions.
Ability to work independently in a fastpaced crossfunctional environment.

Physical Demands

Sedentary work. Exerting up to 10 pounds of force occasionally and/or negligible amount of force
frequently or constantly to lift carry push pull or otherwise move objects. Repetitive motion.
Substantial movements (motions) of the wrists hands and/or fingers. The worker must have close
visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing;
viewing a computer terminal; extensive reading. Ability to lift to 15 lbs. independently not to exceed
50 lbs. without help.

Equal Employment Opportunity

Mosaic Health is an Equal Employment Opportunity employer and all qualified applicants will receive
consideration for employment without regard to age citizenship status color creed disability
ethnicity genetic information gender (including gender identity and gender expression) marital
status national origin race religion sex sexual orientation veteran status or any other status or
condition protected by applicable federal state or local laws.
If you require an accommodation for the application or interview process please let us know and we
will work with you to meet your needs. Please contact for assistance.

Required Experience:

Manager