IT Cyber Vigilance and Defense Director

This is a remote position.

Job Summary

The System Director Cybersecurity will enable CommonSpirit Healths mission by providing strategic leadership and oversight for the organizations cybersecurity systems and infrastructure. This role is responsible for ensuring the security integrity and availability of CommonSpirit Healths IT systems protecting sensitive patient data and organizational assets. The Director will work collaboratively with various departments and stakeholders to identify and mitigate cybersecurity risks improve operational efficiency and ensure compliance with all applicable laws regulations and internal policies.

The Director will report to the Vice President of Cyber Vigilence & Defense and will lead and mentor a team of cybersecurity professionals. The System Director Cybersecurity will develop and report on measurements that show outcomes across the categories of organizational health financial management security risk reduction and staff engagement.

The Director will work with peers and colleagues from all areas of IT and the organization.

Job Responsibilities

• Develop and implement comprehensive cybersecurity strategies plans and solutions that address clinical and business needs reduce cybersecurity risk and increase operational effectiveness.
• Partner with organizational leaders to develop and maintain reference plans standards and patterns that inform and drive the organization toward future state objectives in cybersecurity.
• Advise and work with clinical business and IT stakeholders on enterprise security direction strategy and design ensuring alignment with organizational objectives and industry best practices.
• Oversee the internal and external Assessments of CommonSpirit Healths vendors cybersecurity systems and clinical technology.
• Manage and develop a high-performing Cybersecurity Assessments program and team fostering a culture of continuous improvement and professional development.
• Stay current on emerging cybersecurity assessment and compliance strategies and adapt the cybersecurity program accordingly. This includes participation in professional development activities and engagement with industry best practices.
• Ensure compliance with all applicable laws regulations and internal policies related to cybersecurity. This includes maintaining up-to-date knowledge of relevant regulations

• Bachelors Degree or equivalent work experience may be considered in lieu of Bachelors degree.
• 10 years of demonstrable experience in assessments within a complex healthcare environment.
• 5 years of leadership experience in internal/external assessments or a related function.
• Demonstrated experience in a current or previous large-scale enterprise risk management or assessment leadership role.
  • Experience with SIEM signal usability including controls logging and platform integrations (SIEM Engineering)
  • Experience with threat visibility via alert creation tuning and alert curation (SIEM Development)
  • Experience with SOAR infrastructure ownership including platform stability SIEM integration and other platform integrations (SOAR Support)
  • Experience with alert ticketing/case management including ticket creation automated ticket enrichment automated response actions User Interface and all automation development (SOAR Development)
  • Experience owning Threat Intelligence operations including zero day alert creation executive audience materials etc.
  • Experience driving Countermeasures engineering efforts including Root Cause Analysis Systemic Threat Remediation Common Attack Prevention etc.

#LI-Remote

#LI-CSH