Sr. Manager of Cybersecurity & Asset Management

You’re more valuable than ever – And that’s just how we’ll make you feel.

The Sr. Manager of Cybersecurity & Asset Management will be responsible for the success, development, and support of the Cyberdefense and Asset management teams and daily function. The mission of the team is to detect cybersecurity threats, evaluate exposure to our applications, systems, networks, and vulnerabilities to the enterprise, and manage / execute the incident response policy and plan at GoHealth Urgent Care. In addition to perform asset management inventory of all assets for the organization, track usage, ownership, and ensure IT compliance, security and privacy controls are enabled, and effective.

You will lead and grow a Cyberdefense program to monitor, detect and respond capably to ensure security events, end point security, vulnerability findings, internal/external threats and incidents are optimally identified, contained, eradicated, and recovered.

You will own and manage all aspects of Cyberdefense, and IT End point management of all assets (computers, laptops, printers) deployed to remote workers, centers or headquarters, and partner with our markets, and the rest of the IT functions to ensure GoHealth delivers on commitments to our customers as it relates to asset management tracking, inventory control, third party and vendor management obligations, resources needed for remote access, and conduct investigations following the lead of the Director of Cyberdefense.

This role is also responsible for daily reviews of security events, security projects back-log, projects support, compliance monitoring, security technology policy configurations and classifying flaws and weakness in systems, platforms or cloud services that can be exploited to impact the business.

Job Requirements

Education:

• Bachelor’s degree required (or equivalent experience)

Work Experience:

• 15+ years’ experience in Cybersecurity, Cyberdefense, IT, Asset and Inventory management, Asset tracking, ordering, and incident response management required
• 10+ years’ experience managing Cyberdefense analysts and IT Asset management engineers preferred
• Minimum of 10+ years of servers, VMs, containers, End point security, Inventory controls and tracking, applications, cloud and network security experience, secure architectures, data flows review and/or technical controls configuration preferred

Licenses/Certifications:

• Possess one or more of the following certifications: CISSP, CISM, Azure Certified, GIAC, GCIH, E|CIH, CCSP, CEH, GWAPT, GPEN or OSCP is preferred

Additional Knowledge, Skills and Abilities Required:

• Experience with Microsoft Azure Security, M365 threat protection and security center
• Experience with Cloud security, log management, firewalls, SD-WAN security & End Point Detection and Response (EDRs) solutions
• Excellent verbal and written communication skills and the proven ability influence people
• Ability to work collaboratively and professionally with all levels in dynamic situations

Additional Knowledge, Skills, and Abilities Preferred:

• Familiarity with PCI compliance, HIPPA and HITRUST framework

Essential Functions

Essential functions are those tasks, duties and responsibilities that comprise the means of accomplishing the job’s purpose and objectives. Essential functions are critical or fundamental to the performance of the job. They are the major functions for which the person in the job is held accountable. Following are the essential functions of the job.

• Building and managing relationships with our IT operational team to learn our environment and collaborate on software, systems or network configuration change.
• Oversight risk assessments of security controls such as firewalls, End point detection and response solutions, Intrusion prevention, vulnerability management and patching.  
• Establish rapport with key information systems resources and project managers at GoHealth’s partner health systems to work together on joint venture priorities.
• Perform threat monitoring – monitor industry resources, latest hardware and software vulnerabilities, and observe new technical developments, intruder activities and related trends to help identify threats to GoHealth.
• Perform, lead and participate in incident handling processes, such as incident discovery, analysis and verification, incident tracking, containment and recovery, incident response coordination and notification.
• Prepare Cybersecurity advisories and security information bulletins.
• Develop and document standard operating procedures for the Cyberdefense team.
• Develop and maintain information security operational metrics, such as # of incidents, types of incidents, # of application security findings, EDR and/or missing security vulnerability patches.
• Conduct security log management and monitoring.
• Perform malware analysis and provide mitigating controls.
• Perform data analysis, develop use cases and playbooks in support of a security management process.
• Provide analysis and information gathering to provide situational awareness and actionable intelligence response.
• Document, communicate, and help to resolve feedback, questions, and enhancement requests along with others on the GoHealth IT and operations staff.
• Escalating risks and issues as appropriate to leadership, Project management and/or the external partner.
• Collaborate with a great team of people moving exciting projects forward and working to improve systems, Culture, Cybersecurity and processes along the way.

All other duties as assigned.

Note:  this job description is not inclusive of all the duties of the position.  You may be asked by leaders to perform other duties.  Management reserves the right to revise this position description at any time. 

Set up email alerts as new job postings become available that meet your interest! 

All qualified persons are granted an equal opportunity for employment without regard to race, color, religion, sex, sexual orientation and gender identity or expression, age, national origin, citizenship status, disability, genetic information, medical condition, family care leave status, pregnancy or pregnancy-related condition, otherwise qualified disabled or veteran status. The company will comply with all fair employment laws in each of the jurisdictions where we conduct business.

For applicants in California, please review our California Consumer Privacy Statement here. https://www.gohealthuc.com/privacy-policy