Manager, IT Security Incident Response

Offsite Remote Work - UHealth IT

Applications have closed

University of Miami

A private research university with more than 16,000 students from around the world, the University of Miami is a vibrant and diverse academic community focused on teaching and learning, the discovery of new knowledge, and service to the South...

View all jobs at University of Miami

Current Employees:

If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position using the Career worklet, please review this tip sheet.

*REMOTE*

The University of Miami Health System, "UHealth", IT Department has an exciting opportunity for a Full-time Manager, IT Security of Incident Response

The Manager, IT Security of incident response will develop, maintain, or support an intelligence capability to identify current and emerging IT security risks to the organization, and is responsible orchestrating the security incident response activities. The manager will, in an ongoing basis, assess security controls to identify, prevent, and recover from cybersecurity attacks.

Core Responsibilities:

  • Leads the security incident response operations, monitoring, and incident response activities.

  • Review and update incident response standards, policies, and procedures.

  • Performs necessary investigation, analysis, and evaluation to determine project feasibility.

  • Documents root cause analysis, security events, and incidents.

  • Develop and maintain the IT security incident response process, including all required supporting materials.

  • Develop functional requirements for roles that will be involved in the CSIRT program.

  • Work with business units, IT functions and external providers to ensure that the process is mutually understood and agreed on, and that responsibilities are clear and accepted.

  • Act as a liaison between the security incident response team, enterprise IT services, and business units as needed.

  • Initiate the IT security incident response process and execute decision authority to the extent of the role within that process.

  • Ensure execution of the incident response process to the resolution of the incident. Ensure generation, maintenance, and protection of required incident records, such as investigator journals.

  • Organize, participate in and, if required, chair post incident reviews for presentation to the senior management.

  • Experience with Unix/Linux, or work relating to OS internals or file level forensics.

Department Specific Functions:

The IR manager must have in-depth knowledge of the following:

  • Methods and motivations adopted by hackers to attack IT platforms and automated information systems.

  • IT security incident management processes and tools.

  • IT operations and support organizations.

  • IT security risk assessment.

  • IT security forensic techniques, tools, and procedures.

  • Serve as a leader for the Cybersecurity Incident Response Team (CSIRT).

  • Coordinate all cross-team collaboration, communication, and documentation activities related to responding, containing, and remediating cybersecurity events and incidents.

  • Partnering closely with other functions within the cybersecurity and IT Management teams, and Collaborate with MSSP (Managed Security Services Provider) to ensure consistent and quality Incident Response services are provided to the organization.

  • Manage the day-to-day operations for event and Incident management activities.

  • Ensure deadlines are met incident response goals and initiatives are successfully implemented.

  • Oversee all people-management activities for direct reports, including responsibility for establishing goals and providing mentorship for team.

  • Develop KRIs, performance metrics and dashboards.

  • Regularly interact with senior leadership and other business units.

  • Knowledge of IT end-to-end problem management and root cause analysis, which is desirable.

This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities as necessary.

CORE QUALIFICATIONS:                                           

  • Bachelor's degree from an accredited college or university in Computer Science, Mathematics, Statistics, or equivalent or a related field. A Master's degree is highly desirable.

  • Certified Information Systems Security Professional (CISSP), preferred.

  • Certified Information Security Manager (CISM) or the equivalent preferred.

  • Cloud Computing Security Certification preferred

  • GIAC Certified Incident Handler (GCIH) preferred

  • 12+ years of Information Security experience or equivalent combination of education and work experience.

  • Prior experience in a 24x7x365 SOC operations environment.

  • 5+ years’ experience in incident response or similar role in a medium or large organization. Experience in Healthcare preferred.

  • In-depth experience in security incident management processes and tools.

  • Prior people management/leadership experience with proven experience to lead, motivate and direct a workgroup.

  • Ability to work in a high-pressure environment.

  • Strong project management, presentation, and communication skills.

  • Ability to maintain confidentiality.

  • Knowledge of business and management principles.

  • Knowledge of IT project management and change control principles.

  • Knowledge and expertise with the MITRE Attack framework.

  • Knowledge of IT end-to-end problem management and root cause analysis, which is desirable.

  • Ability to direct, manage, implement, and evaluate department operations.

  • Ability to establish department goals, and objectives that support the strategic plan.

  • Ability to effectively plan, delegate and/or supervise the work of others.

  • Ability to lead, motivate, develop, and train others.

Any relevant education, certifications and/or work experience may be considered.

The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more.

UHealth-University of Miami Health System, South Florida's only university-based health system, provides leading-edge patient care powered by the ground breaking research and medical education at the Miller School of Medicine. As an academic medical center, we are proud to serve South Florida, Latin America and the Caribbean. Our physicians represent more than 100 specialties and sub-specialties, and have more than one million patient encounters each year. Our tradition of excellence has earned worldwide recognition for outstanding teaching, research and patient care. We're the challenge you've been looking for.

The University of Miami is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities are encouraged to apply. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Click here for additional information.

Job Status:

Full time

Employee Type:

Staff

Pay Grade:

H16

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  8  2  0

Tags: CISM CISSP Cloud Computer Science CSIRT Forensics GCIH GIAC Incident response Linux Mathematics Monitoring Risk assessment SOC Teaching UNIX

Perks/benefits: Competitive pay Health care Team events

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.