Health care is constantly changing, and at Banner Health, we are at the front of that change. We are leading health care to make the experience the best it can be.
We want to change the lives of those in our care - and the people who choose to take on this challenge. If changing health care for the better sounds like something you want to be part of, we want to hear from you.
As a Cybersecurity Incident & Threat SOC Director, you will be part of the IT Cybersecurity team responsible for the planning, design, build and delivery of the security operations center (SOC) across the organization. You will be responsible for the requirements, strategy, policy and procedures related to Information Security Operations for Threat, Vulnerability Management, Firewall Management and Enterprise Anti-Malware. Subject matter expertise in building a SOC and managing a SOC program and team is required.
Your pay and benefits (Total Rewards) are important components of your Journey at Banner Health. Banner Health offers a variety of benefit plans to help you and your family. We provide health and financial security options, so you can focus on being the best at what you do and enjoying your life.
The position will reside at the Banner Corporate Headquarters on Central and Thomas, in Phoenix, Arizona.
Banner Health - Phoenix Corporate Headquarters
2901 N Central Avenue
Phoenix, AZ 85012
About Banner Health Corporate
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
About Banner Health
Banner Health is one of the largest, nonprofit health care systems in the country and the leading nonprofit provider of hospital services in all the communities we serve. Throughout our network of hospitals, primary care health centers, research centers, labs, physician practices and more, our skilled and compassionate professionals use the latest technology to make health care easier, so life can be better. The many locations, career opportunities, and benefits offered at Banner Health help to make the Banner Journey unique and fulfilling for every employee.
This position is responsible for the planning, design, build and delivery of security operations services across the organization as part of the Enterprise Information Security office. The Director is responsible for requirements, strategy, policies and procedures related to Information Security Operations for Threat and Vulnerability Management, Firewall Management, and Enterprise Anti-Malware platforms.
Manages the threat and vulnerability identification, verification, and management services program. Ensures compliance with protocols for data protection practices, leverages forensic investigations and monitors the Banner environment for potential breach scenarios.
Manages information security personnel who are assigned to the Security Operations Services, Incident Management, Forensics and Data Protection practices, leverage specialized business and/or technical resources as appropriate, and mitigate issues as they arise.
Collaborates with business, third party and technology stakeholders to influence technology purchasing decisions, identify assets and processes for routine vulnerability scanning. Conducts vulnerability scanning activities using automated tools. Manages strategy, design, acquisition, implementation, and operation of network firewall, and anti-malware platform(s).
Evaluates new technologies and processes that enhance security capabilities for threat and vulnerability management, network firewalls, and anti-malware platforms.
Manages a team that follows structured processes to measure the effectiveness of vulnerability assessment and threat intelligence activities. Oversees threat intelligence and coordinates communication to Senior Information Security leaders.
Ensures service improvement by providing leadership to staff that update processes and activities in response to feedback from customers, internal reviews, and assessments and the changing security operations environment.
This position is accountable for meeting annual budgetary goals. Identifies and prioritizes security program expenditures in coordination with Information Technology, Audit, Compliance, and Legal.
Requires a Bachelor's degree in Computer Science, Information Systems, Engineering, Business Administration or a related field, or equivalent experience.
Requires proficiency level typically attained with 10 or more years of information security experience in positions of increasing responsibility, including 7 or more years of threat and vulnerability and incident management and 5 years of leadership experience. Demonstrated experience in implementing and managing core TVM, forensics and Data Protection systems and processes such as Security Incident and Event Management (SIEM), vulnerability scanners, endpoint security technologies (e.g., anti-virus), continuous monitoring, advanced malware identification (e.g., FireEye), DLP tools and forensic toolsets.
Extensive experience configuring and utilizing security detection systems, logs and other sources of information to identify and address security events. Extensive knowledge of network and host-based security tools to include penetration testing and ethical hacking products. Extensive knowledge of system security vulnerabilities and remediation techniques.
Strong understanding of the cyber kill chain and threat intelligence lifecycle. Experience with various incident ticketing systems. Understanding of complex networking technology including firewalls, VPN, routing, switching, load balancers, monitoring, security and DNS.
Extensive experience with authoring, implementing and maintaining incident response plans. Strong understanding of cyber tactics and procedures to counter threats. Demonstrated awareness of the latest cybersecurity trends and developments.
Experience strategizing with cross-functional business partners on information security solutions. Strong understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.). Demonstrated organizational and leadership skills with the ability to lead, build, and develop a team of senior IT professionals through formal and informal reporting relationships. Demonstrated communication skills with the ability to build relationships and influence others to get results.
Extensive knowledge in governance frameworks including: ISO 27001, NIST, COBIT, ITIL. Extensive knowledge in regulations and/or contractual obligations including: HIPAA, PCI, Sarbanes-Oxley, GLBA, SOC/SSAE16.
Advanced Degree in Computer Science, Information Systems, Engineering, Business Administration, or a related field. Industry certifications: CISSP, CISA, CISM, CRISC, EAP, etc.
Additional related education and/or experience preferred.