Director, Cybersecurity

The IT Director, Cybersecurity will be leading the IT Security team in all aspects of information security at Medical Solutions, including cybersecurity operations, identity and access management, incident response, architecture, threat assessments, and governance, risk & compliance (GRC) management. They will ensure the system security measures are calibrated and the proper controls are implemented based on established security frameworks / standards, while utilizing excellent communication and influencing skills to create a strong security culture. They will understand and communicate technology processes and standards, business strategies and solutions to mitigate risks, and effective execution of information security procedures.

• Leads all aspects of cybersecurity security including but not limited to cybersecurity operations, incident response, GRC management, data protection, identity and access governance, intrusion detection, security architecture, threat assessments
• Responsible and accountable for oversight of security program and budget
• Directs, coordinates, plans, and organizes information security activities throughout Medical Solutions

• Has an expert understanding of all security domain areas and how the program supports the business
• Responsible and accountable for building technical and strategic program roadmaps
• Responsible and accountable for leveraging and building vendor partnerships to enhance Medical Solution’s security posture
• Acts as a servant leader who guides the program and organization to reach goals and objectives
• Collaborates with other leaders in the organization to align goals and objectives for roadmaps
• Accountable for the security culture of the company
• Enforces industry and company best practices within the organization
• Stands as an example of our core values everyday

• 15+ years of broad information technology | security experience with increasing levels of responsibility.
• 7+ years in a leadership capacity in a multi-function/multi-technology, large IT security organization.
• Expertise in securing in Microsoft’s Azure cloud environment. This includes all DevOps processes and capabilities, all aspects of cybersecurity, and systems monitoring and management. 
• Comprehensive knowledge of information and technology security management policies, methods, standards, tools, and frameworks (e.g. ISO, COSO, COBIT, NIST, HITRUST, CIS) as well as knowledge of compliance, legal, internal / external audit, and regulatory requirement
• Experience working in information security at public organization(s)
• Expertise in cybersecurity, namely architecture and policy; data loss prevention; governance, risk and compliance; identity and access management; incident response and forensic analysis; penetration testing; secure DevOps; and secure software development.
• Experience in leading the implementation of new systems capabilities and developing a roadmap with sound architecture at scale.
• Current knowledge and experience in Information Security Risk Assessments, Security Assessments, and managing risk mitigations
• Demonstrable experience in leveraging strategic security partners to advance the security posture and maturity.
• Demonstrable change management experience.
• Effective oral and written communication skills to complete reports and analysis and to make oral presentations to the Board of Directors, supervisory committees, and management staff

Preferences:

• Desired Certifications (CISSP, Azure Security, SANS / GIAC)
• Staffing Industry experience
• Healthcare (or other highly regulated) industry experience

#LI-AN1