Manager - IS Security Operations & Engineering - Greenville, NC

If you are interested in multiple opportunities, you will need to apply for each position separately.

Apply Now

926073

Vidant Health

Full-Time

Regular

Vidant Health

About Vidant Health

Vidant Health, located in eastern North Carolina, is a comprehensive health system that is made up of 8 hospitals that serve 1.4 million people in 29 counties. Vidant Health includes Vidant Medical Center, community hospitals, physician practices and partners that collaborate with Vidant Health to enhance the quality of life of our patients.

Information Services at Vidant Health

Vidant Health offers comprehensive Information Technology (IT) services and infrastructure to support and enable all aspects of organizational operations. Our IT division consists of a state-of-the-art data center located in Greenville, NC. The data center services all information technology needs of Vidant Health facilities. All Vidant Health owned or leased hospitals are on a common IT platform, including our electronic health record (EHR) that uses Epic's suite of applications. Vidant Health has achieved Meaningful Use Stage 2 recognition and is also approaching Stage 7 for HIMSS Analytics’ Electronic Medical Records Adoption Model (EMRAM) recognition.

Position Summary

We are looking to hire an accomplished Information Security Operations and Engineering Manager to join the Vidant Health Information Security team, reporting to the Director of Information Security.

The candidate must be able to show a demonstrated track record implementing and successfully leading (often through work products) a standards based information security engineering and operations program. While not expected to be a subject matter expert, the candidate must have familiarity with all aspects of computer, network and information security- including application security, web security, database security, vulnerability assessment, event and incident analysis, and encryption technologies. Packet level understanding of data communications and strong background in cybersecurity is important.

To be successful, this candidate will focus their team on providing expert assistance in turning the complexities of a security control framework into clearly defined, practical and operational IS best practices. Proven history of facilitating and documenting the closure of audit findings is critical.  The candidate should have a demonstrated ability to develop, organize, present and execute compliance strategy.

 

Responsibilities

  • Builds partnerships across IS and the enterprise to operationalize Information Security control objectives

  • Responsible for ensuring the confidentiality, integrity, and availability of data and applications across the health system

  • Assist in the ongoing design and implementation of Vidant Health's information technology systems and network security solutions in a complex enterprise computing environment, including all technical security controls

  • Oversee the team's triage process, ensuring timely communication and completion of support tickets and maintenance projects

  • Develop, maintain, and review Vidant Health's incident response plan outlining specific courses of action that will be taken if network resources or member data have been compromised

  • Coordinate technical staff across multiple teams in response to Information Security incidents

  • Lead team meetings and conduct written and/or verbal presentations to department, management, and Vidant Health staff

  • Oversee the research and analysis of designated security systems, and coordinate the feasibility, cost justification, selection, and purchase of Information Security systems

  • Perform information security vulnerability assessments on Vidant Health information systems and business processes, both independently and in collaboration with other Vidant Health teams

  • Research, recommend, and guide implementation of security risk mitigation strategies that are aligned with business goals and objectives

  • Responsible for NIST, SANS CIS Critical Security Controls and other framework implementations within Information Security

  • Responsible for demonstrating continuous improvement of Information Security related CMMI assessments

  • Leverage NIST NICE Framework to accomplish strategic cybersecurity workforce planning and hiring and capability reporting

  • Responsible for mentoring and fostering the overall development of the Information Security team employees, including; training and ongoing development, coaching, selection and hiring process, and also the promotion and performance evaluation of the Information Security team employees

  • Provide guidance and direction to other management and staff for special system capabilities or problems and resolutions

  • Reports to the Director of Information Security on progress, risks, issues, and escalation

  • Develops and reports on information security operational metrics

Minimum Requirements

  • Bachelor’s degree in healthcare, computer technology, information management or related field preferred.  Master’s degree desirable.

  • Certifications such as:

    • SANS GIAC Security Expert Certification Certified Information System Security Professional (CISSP)

    • Cisco Certified Networking Professional- Security (CCNP Security)

    • Certified in the Governance of Enterprise IT (CGEIT)Certified Information Security Manager (CISM)

  • 2 years’ experience working within the Healthcare Industry preferred

  • 2 years’ experience with regulatory controls such as HITECH Act and HIPAA Laws

  • Three to five years of console level experience with technologies such as; firewalls, IPS, WAF, endpoint security, vulnerability assessment and management, etc. Should have a strong operational background and proven track record of accomplishments in Information Services within a large, complex, multi-location organization

  • Health care experience and deep understanding of health care IT operations and challenges preferred

Other Information

Questions?  e-Mail: JOBS@VIDANTHEALTH.COM

General Statement

It is the goal of Vidant Health and its entities to employ the most qualified individual who best matches the requirements for the vacant position.

Offers of employment are subject to successful completion of all pre-employment screenings, which may include an occupational health screening, criminal record check, education, reference, and licensure verification.

We value diversity and are proud to be an equal opportunity employer.   Decisions of employment are made based on business needs, job requirements and applicant’s qualifications without regard to race, color, religion, gender, national origin, disability status, protected veteran status, genetic information and testing, family and medical leave, sexual orientation, gender identity or expression or any other status protected by law. We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer, or against any individuals who assist or participate in the investigation of any complaint.

Share This: