Cybersecurity Incident And Threat SOC Director

Banner Health Phoenix , AZ 85002

Posted 2 months ago

Health care is constantly changing, and at Banner Health, we are at the front of that change. We are leading health care to make the experience the best it can be.

We want to change the lives of those in our care - and the people who choose to take on this challenge. If changing health care for the better sounds like something you want to be part of, we want to hear from you.

As an Cybersecurity Incident & Threat SOC Director you will be part of the IT Cybersecurity team planning, design, build and delivery of security operations center SOC across the organization. You will be responsible for the requirements, strategy, policy and procedures related to Information Security Operations for Threat, Vulnerability Management, Firewall Management and Enterprise Anti-Malware. A subject matter expertise in building SOC, managing a SOC program and team is required.

Your pay and benefits (Total Rewards) are important components of your Journey at Banner Health. Banner Health offers a variety of benefit plans to help you and your family. We provide health and financial security options, so you can focus on being the best at what you do and enjoying your life.

The position will reside the Banner Corporate Headquarters on Central and Thomas, in Phoenix Arizona

Banner Health - Phoenix Corporate Headquarters

2901 N Central Avenue

Phoenix, AZ 85012

  • --

About Banner Health Corporate

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

About Banner Health

Banner Health is one of the largest, nonprofit health care systems in the country and the leading nonprofit provider of hospital services in all the communities we serve. Throughout our network of hospitals, primary care health centers, research centers, labs, physician practices and more, our skilled and compassionate professionals use the latest technology to make health care easier, so life can be better. The many locations, career opportunities, and benefits offered at Banner Health help to make the Banner Journey unique and fulfilling for every employee.

  • --

Job Summary

This position is responsible for planning, design, build and delivery of security operations services across the organization as part Enterprise Information Security office. The Director is responsible for requirements, strategy, policies and procedure related to Information Security Operations for Threat and Vulnerability Management, Firewall Management, and Enterprise Anti-Malware platforms.

Essential Functions

Manages threat and vulnerability identification, verification, and management services program. Ensures compliance to protocols for data protection practices, leverages forensic investigations and monitors the Banner environment for potential breach scenarios.

Manages information security personnel who are assigned to the Security Operations Services, Incident Management, Forensics and Data Protection practices, leverage specialized business and/or technical resources as appropriate, and mitigate issues as they arise.

Collaborates with business, third party and technology stakeholders to influence technology purchasing decisions, identify assets and processes for routine vulnerability scanning. Conducts vulnerability scanning activities using automated tools. Manages strategy, design, acquisition, implementation, and operation of network firewall, and anti-malware platform(s).

Evaluates new technologies and processes that enhance security capabilities for threat and vulnerability management, network firewalls, and anti-malware platforms

Manages a team that follows structured processes to measure the effectiveness of vulnerability assessment and threat intelligence activities. Oversees threat intelligence and coordinates communication to Senior Information Security leaders.

Ensures service improvement by providing leadership to staff that update processes and activities in response to feedback from customers, internal reviews, and assessments and the changing security operations environment.

This position is accountable for meeting annual budgetary goals. Identifies and prioritizes security program expenditures in coordination with Information Technology, Audit, Compliance, and Legal.

Minimum Qualifications

Requires a Bachelors degree in Computer Science, Information Systems, Engineering, Business Administration or a related field, or equivalent experience.

Requires proficiency level typically attained with 10 or more years of experience in information security experience in positions of increasing responsibility including 7 or more years of threat and vulnerability and incident management and 5 years of leadership experience. Demonstrated experience in implementing and managing core TVM, forensics and Data Protection systems and processes such as Security Incident and Event Management (SIEM), vulnerability scanners, endpoint security technologies (e.g., anti-virus), continuous monitoring, advanced malware identification (e.g., FireEye), DLP tools and forensic toolsets.

Extensive experience configuring and utilizing security detection systems, logs and other sources of information to identify and address security events. Extensive knowledge of network and host-based security tools to include penetration testing and ethical hacking products. Extensive knowledge of system security vulnerabilities and remediation techniques.

Strong understanding of the cyber kill chain and threat intelligence lifecycle. Experience with various incident ticketing systems. Understanding of complex networking technology including firewalls, VPN, routing, switching, load balancers, monitoring, security and DNS.

Extensive experience with authoring, implementing and maintaining incident response plans. Strong understanding of cyber tactics and procedures to counter threats. Demonstrated awareness of the latest cybersecurity trends and developments.

Experience strategizing with cross-functional business partners on information security solutions. Strong understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.). Demonstrated organizational and leadership skills with the ability to lead, build, and develop a team of senior IT professionals through formal and informal reporting relationships. Demonstrated communication skills with the ability to build relationship and influence others to get results.

Extensive knowledge in governance frameworks including: ISO 27001, NIST, COBIT, ITIL. Extensive knowledge in regulations and/or contractual obligations including: HIPAA, PCI, Sarbanes Oxley, GLBA, SOC /SSAE16.

Preferred Qualifications

Advanced Degree in Computer Science, Information Systems, Engineering, Business Administration, or a related field. Industry certifications: CISSP, CISA, CISM, CRISC, EAP, etc.

Additional related education and/or experience preferred.



icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Cyber Threat Intel

American Express

Posted 6 days ago

VIEW JOBS 5/22/2020 12:00:00 AM 2020-08-20T00:00 Why American Express? There's a difference between having a job and making a difference. American Express has been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards. We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision. Because we believe that the best way to back our customers is to back our people. The powerful backing of American Express. Don't make a difference without it. Don't live life without it. Reporting to the Vice President of Cyber Intelligence and Incident Response - the Cyber Threat Intelligence team develops scalable programs that deliver timely, actionable insight and recommendations to key stakeholders. The successful candidate will lead a team responsible for gathering, analyzing and disseminating actionable intelligence for informed decision making across corporate strategy, cybersecurity risk management and product planning as well as cyber defenses. Core Responsibilities: * Provide timely and actionable threat intelligence in line with the business objectives of American Express * Provide regular written and verbal threat briefings and presentations to senior executives * Develop and implement a proactive program to improve intelligence gathering, analysis and dissemination * Work in close collaboration with peers in the cybersecurity organization to accelerate the ability to uncover and track advanced cyber threats * Adopt and institutionalize standard threat analysis and assessment models * Significant integration with Technology Risk and Information Security peers as well as the larger Technology organization as well as other American Express Business Units to ensure operational capabilities are aligned to the threat environment Requirements: * Demonstrated experience leading physically distributed teams * Demonstrated experience in driving innovative approached to threat intelligence * In-depth understanding of the threats affecting the financial sector * Understanding of intelligence-driven approaches to computer network defense * Deep understanding of the talent needed to successfully deliver a world class function * Experience working across multiple lines of business in a corporate function * Executive presence, strong ability to communicate upwards and to peers Qualifications: * Direct Intelligence Community (IC) experience, IC cleared * Strong experience working with threat intelligence sharing communities * Minimum of 10 years' experience in a similar role in a large mission critical environment with a background in the following: * In-depth understanding of adversary tools, tactics and procedures * Expert level understanding of network intrusion analysis, TCP/IP and other networking protocols * Deep understanding of computer network defense and associated tools * Demonstrated expertise in threat modeling * Bachelor's degree in Engineering, Computer Science, Business Management or Technology related fields * Master's Degree a major plus Desired Leadership Characteristics: * Calm and decisive under pressure. Natural operational leadership in stressful situations * Ability to prioritize actions for the benefit of the organization to remain focused on most critical issues * Initiative and energy to go beyond minimum requirements of effort and activity; a bias for action and for getting things done * Experience in developing high performing talent * Proven ability in extending and maintaining strong relationships in a complex multi-national corporation * Ability to translate technical cyber security concepts to non-technical business leaders * Strong problem solver with the ability to use analytical methods to affect change * Effective organizational skills (including attention to detail) along with the ability to collaborate and influence in a matrix environment Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. American Express Phoenix AZ

Cybersecurity Incident And Threat SOC Director

Banner Health