Cyber Security Manager, Cloud Platform Security (Remote)

Community Health Systems is one of the nation’s leading healthcare providers. Developing and operating healthcare delivery systems in 39 distinct markets across 15 states, CHS is committed to helping people get well and live healthier. CHS operates 69 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, imaging centers, cancer centers and ambulatory surgery centers.

Summary:

CHS is seeking a skilled and detail-oriented Cyber Security Manager, Cloud Platform Security to support our cloud strategy, engineering efforts, and cloud security initiatives. This role requires a hands-on leader with a solid background in cloud engineering and cybersecurity, ensuring that all cloud platform solutions are secure and compliant across platforms such as Google Cloud, Microsoft Azure, and Oracle Cloud. The Manager will assist in implementing cloud strategies, optimizing cloud architecture, and enhancing security controls to protect cloud environments from threats. The ideal candidate will have strong technical expertise in both cloud and cybersecurity technologies, with a proven ability to align cloud and security solutions with operational goals. This role involves managing a cloud security engineering team, collaborating with other departments, and applying industry best practices to improve the efficiency, security, and compliance of our cloud operations.

The Cyber Solutions Engineering (CSE) department within the Cybersecurity Risk Management (CSRM) organization ensures successful delivery and operations of critical security controls across the CSH Enterprise. As a member of the Cybersecurity organization, the Cyber Security Manager, Cloud Platform Security plays a pivotal role in supporting the strategy, implementation and ongoing improvement of key cybersecurity programs. The Manager leads and oversees a team of professionals, ensuring their effective management, motivation and development to deliver on goals across various security platforms and processes. Collaborating with other organizational leaders, the Manager contributes to the  development and execution of strategies that advance the overall maturity of cybersecurity. Additionally, the Cybersecurity Manager will regularly interface and partner with multiple business areas, building partnerships and ensuring alignment with organizational objectives. Working closely with the Cyber Security leaders, the Manager will help shape and drive strategic initiatives, ensuring that they are effectively implemented and monitored.

Essential Duties and Responsibilities:

• Leadership & Oversight
  • Assist in the development and execution of cloud strategies that align with the organization's goals.
  • Manage the planning, implementation, and continuous improvement of cybersecurity cloud programs in collaboration with department leads.
  • Lead and mentor a team of cybersecurity professionals, providing day-to-day support, performance management, and fostering career development.
  • Coordinate efforts with cross-functional teams across IT and business units to align cybersecurity strategies with operational goals and regulatory requirements.
  • Ensure cloud environments are secure, scalable, and cost-effective to help the organization meet its operational objectives.
  • Support the development and management of cloud-based applications and services.
• Risk Management & Program Development
  • Oversee day-to-day risk assessment and mitigation activities, ensuring the protection of cloud platforms, systems and data.
  • Continuously evaluate cybersecurity risks and provide recommendations to senior leadership on necessary improvements.
  • Identify process inefficiencies and collaborate with teams to implement operational improvements.
  • Continuously evaluate and identify opportunities to improve cloud services and streamline existing processes.
• Collaboration & Strategic Alignment
  • Act as a cybersecurity representative within cross-functional teams, ensuring security controls align with operational requirements.
  • Build and maintain relationships with peer groups to ensure cybersecurity efforts meet current program needs.
  • Work with departmental teams to deliver key cybersecurity projects, ensuring alignment with organizational objectives.
  • Encourage a culture of continuous improvement and collaboration with other teams and stakeholders within CHS.
  • Collaborate on managing cloud migration and modernization projects for selected workloads and applications.
• Communication & Compliance:
  • Communicate cybersecurity issues and updates to non-technical audiences, ensuring clarity and understanding.
  • Ensure cybersecurity programs meet industry regulations and internal compliance standards as necessary.
  • Provide regular reports on security program performance and risk mitigation efforts.
  • Help enforce compliance with industry regulations and standards, such as HIPAA, PCI-DSS, and SOC 2.
  • Assist with security audits, vulnerability assessments, and disaster recovery/business continuity plans.
• Project & Vendor Management
  • Collaborate with PMO to manage cybersecurity projects and initiatives, ensuring on-time delivery and adherence to scope.
  • Maintain relationships with vendors to ensure third-party solutions align with cybersecurity requirements.

Qualifications:

• Required Education: Bachelor’s Degree in Cyber Security, Computer Science, Information Systems (or other related field) or equivalent work experience
• Preferred Education: Master’s Degree in Cyber Security, Computer Science, Information Systems (or other related field), or equivalent work experience.
• Required Experience:
  • Duration:
    • 7-9 years Cybersecurity, Technology or other related experience required
    • 3-5 years Cybersecurity experience preferred
    • 1-3 years of leadership experience preferred
  • Solid understanding of security principles, frameworks (SOX, HIPAA, HITRUST, NIST), and core technologies.
  • Ability to identify and implement effective solutions to mitigate security risks.
  • Strong troubleshooting skills to address and resolve technical security issues.
  • Led small cybersecurity team, providing mentorship and ensuring team growth.
  • Experience overseeing day-to-day security operations and implementing security projects.
  • Understanding of risk management strategies and experience presenting solutions to leadership.
  • Proven track record of managing an operations team, preferably in a health care provider environment or other highly regulated industry
  • Ability to translate business requirements and risks into technology and cybersecurity solutions
  • Ability to collaborate across IT groups and associated business areas to provide optimal security controls while balancing efficient and effective user interactions and business operations
  • Must have project and process management skills. 
  • Must have excellent verbal and written communication skills to interact with all levels of staff, management, and external sources.
  • Experience in managing multiple vendor relationships.
  • Worked in process-driven structured environments, and participated in process optimization activities.
  • Advanced knowledge of security principles, issues, techniques and implementations across cloud platforms.
• Preferred Experience:
  • Understanding of regulatory and compliance protocols around data protection
  • Understanding of Security Architecture surrounding cloud security
  • Working knowledge of information security industry and regulatory frameworks (SOX, HIPAA, HITRUST, NIST, etc)
• Required License/Registration/Certification: None
• Preferred License/Registration/Certification: Industry certifications such as: Security+, GSEC, SSCP, CISM, CISSP, GIAC, OSCP, ITIL Certifications or others
• Computer Skills Required: General office software, and reporting software as necessary to support the team.

Physical Demands:
In order to successfully perform this job, with or without a reasonable accommodation, the following are outlined below: 

• The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
• The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
• The Employee is not substantially exposed to adverse environmental conditions and; therefore, job functions are typically performed under conditions such as those found within general office or administrative work.