Manager, Cyber Security - Security Services

Community Health Systems is one of the nation’s leading healthcare providers. Developing and operating healthcare delivery systems in 39 distinct markets across 15 states, CHS is committed to helping people get well and live healthier. CHS operates 69 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, imaging centers, cancer centers and ambulatory surgery centers.

Summary:

The Cybersecurity Manager reports directly to the Director, Data Protection and Application Security and is a member of the Cybersecurity leadership team. The Manager is responsible for leading, managing, and developing this team of Cybersecurity professionals to ensure the success of numerous critical areas across different areas within Cybersecurity.

This position will oversee the daily operations of the Cybersecurity Support and Cybersecurity Admin teams. The Cybersecurity Support team provides level two support for the different domains within Cybersecurity and acting liaisons from other business units, such as IT, into Cybersecurity. The Cybersecurity Admin team manages all of the servers that are owned and operated by Cybersecurity to maintain reliability of solutions to limit downtime. As part of the management of these servers the Admin team assists with troubleshooting issues and working with IT counterparts to get issues resolved.

The Manager is responsible for the team's outcomes and the development of team member skill sets. The Manager can be trusted to work independently with minimal supervision and effectively train, coach, and delegate to others, managing and supporting the security support team related to security issues. Establish, measure and manage key cyber support metrics including but not limited to SLAs, KPIs, and OKRs. Responsible for implementing tools and developing techniques for measuring and reporting technical performance metrics and developing and running reports on regular schedules. Develop support capabilities aligned with NIST Cybersecurity Framework in the areas of Governance, Risk Management and Compliance, Cybersecurity, and Clinical Security, Identity Access Management, Data Protection and other various areas within Cybersecurity. The Manager will be expected to have general knowledge of the responsibilities listed below, gained through education and work experience.

Essential Duties and Responsibilities:

• Responsible for establishing, leading, tracking, measuring and managing Cybersecurity support capabilities.
• Ensure all security support tickets are triaged and resolved promptly against the desired resolution time.
• Manage the communications, escalations, and documentation of issues to leadership when additional support is needed.
• Make recommendations and develop processes to improve operational efficiency. Develop and Implement processes to automate manual security requests.
• Identify and maintain a rolling 2-3 year roadmap of Cybersecurity support capabilities aligned with business imperatives and CHS strategic goals.
• Maintain relationships and trusted partnerships with both internal Cybersecurity program stakeholders such as other IT groups, HR, Legal, Privacy and Compliance, and external parties such as key vendors, and professional Cybersecurity organizations
• Promote Cybersecurity services in alignment with CHS strategies, champion and communicate their value across the enterprise.
• Develop and mature processes to guide team member development to achieve career goals by leading individual 1:1 meetings and creating, reviewing, and coaching individual team member development plans.
• Business and Soft Skill expectations:
  • Communicate and interact effectively and professionally with co-workers, management, customers, etc.
  • Maintain complete confidentiality of company business.
  • Communicate with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.

 
Qualifications:

• Required Education: High School Diploma
• Preferred Education: Bachelor’s or Master’s Degree in Cyber Security, Computer Science, Information Systems (or other related field), or equivalent work experience.
• Required Experience:
  • Duration:
    • 6+ years of IT or information security
    • 2+ years of people leadership
  • Activities:
    • Proven track record of managing an operations team, preferably in a health care provider environment or other highly regulated industry.
    • Ability to translate business requirements and risks into technology and Cybersecurity solutions.
    • Ability to collaborate across IT groups and associated business areas to provide optimal security controls while balancing efficient and effective user interactions and business operations.
    • Must have project and process management skills.
    • Must have excellent verbal and written communication skills to interact with all levels of staff, management, and external sources.
    • Experience in managing vendor relationships.
    • Worked in process-driven structured environments, and participated in process optimization activities.
  • Competencies:
    • Advanced knowledge of security principles, issues, techniques and implementations across IT platforms.
    • Proactive identification and solving of complex problems
    • Business Acumen and thought leadership to enable the business by identifying solutions that show the art of the possible.
    • Effective communication of technical concepts to a non-technical audience.
    • Excellent written and verbal communication skills
• Preferred Experience:
  • Ability to analyze and resolve customer problems by providing second level security support to end-users regarding security related issues through innovation, problem solving, and critical thinking skills.
  • Ability to communicate and represent Security organization with all business partners and third party vendors, including technical documentation.
  • Prepare metric-reports and other presentations to present to Sr Cybersecurity leadership and various business leaders.
• Required License/Registration/Certification: None
• Preferred License/Registration/Certification:
  • SANS Certification
  • GIAC Certification
  • CISSP Certification
• Computer Skills Required: General office software, and reporting software as necessary to support the team.

Physical Demands:
In order to successfully perform this job, with or without a reasonable accommodation, the following are outlined below:

• The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
• The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
• The Employee is not substantially exposed to adverse environmental conditions and; therefore, job functions are typically performed under conditions such as those found within general office or administrative work.