Director – Cyber Security Operations

***DIRECTOR, CYBER SECURITY OPERATIONS***

Whittier, California - Managed Services 

As the Director of Cyber Security Operations at a $2B healthcare organization, you will be responsible for spearheading the operations, development, implementation, and management of comprehensive security policies, strategies, and programs aimed at protecting our organization's information systems from cyber threats. This leadership role requires a strategic thinker with strong technical expertise and a proven ability to collaborate with senior executives, coordinate cross-functional teams, and navigate complex environments.

Key Responsibilities:

• Security Policy Development: Create, maintain, and enforce security policies that align with industry standards, compliance regulations, organizational requirements and best practices within the healthcare sector.  Create and maintain a series of security related key performance indicators driven by a set of data analytics that enhances the trust of the organization in the Security operations of the organization.
• Intrusion Risk Management: Identify vulnerabilities and manage intrusion risks by implementing robust detection and response protocols. Regularly assess threat intelligence to enhance our security posture.
• Incident Escalation and Resolution: Lead the response to security incidents, manage escalation pathways, and ensure effective resolution while minimizing business disruption.
• Strategy Development: Collaborate with senior executives to develop comprehensive cyber risk strategies and recovery plans. Provide regular updates and recommendations to the executive team on the state of cybersecurity and necessary risk mitigation measures.
• Technical Leadership: Oversee the implementation of security technologies and strategies that protect sensitive data and systems. Stay current with the latest technologies, trends, and best practices in cyber security and IT.
• Team Management: Build, manage, and develop a high-performing cyber security team. Foster a collaborative and innovative work environment, emphasizing ongoing cyber security training and skill development.
• Interdepartmental Collaboration: Work effectively in a matrixed environment to promote cybersecurity awareness and engage with various departments, ensuring cohesive implementation of security measures.
• Culture of Cyber Security Awareness:  Create policies, security protocols and training that fosters a culture of Cyber Security awareness and education regarding safeguards and risk for the organization. 

Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; advanced degree preferred.
• Minimum of 8-10 years of experience in information security, with at least 5 years in a leadership role within the healthcare sector or related industries.
• Proven track record of creating and managing security policies, risk management strategies, and incident response plans.
• Strong expertise in security frameworks (e.g., NIST CSF), network security, and data protection technologies.
• Excellent understanding of regulatory requirements in healthcare, such as HIPAA and HITECH, along with experience in navigating compliance issues.
• Exceptional interpersonal and communication skills, with the ability to articulate technical concepts to non-technical stakeholders and foster relationships across the organization.
• Experience in crisis management, conflict resolution, and negotiation.
• Relevant certifications (e.g., CISSP, CISM, CISA, CEH) preferred.

Key Skills:

1. Cyber Security Expertise:
• Advanced knowledge of cybersecurity principles, practices, and technologies, including intrusion detection, risk analysis, and vulnerability management.
• Proficiency in understanding the latest security tools and technologies such as firewalls, intrusion prevention systems (IPS), endpoint protection, and SIEM solutions.
2. Policy Development and Compliance:
• Ability to create, implement, and enforce robust security policies and procedures that adhere to industry regulations and standards (e.g., HIPAA, HITECH, PCI).
• Familiarity with compliance frameworks and requirements specific to the healthcare environment.
3. Risk Management:
• Strong skills in identifying, evaluating, and prioritizing cyber security risks, as well as developing strategic mitigation plans.
• Experience with conducting risk assessments and audits to improve overall security posture.
• Experience working with 3^rd parties that might contribute to strengthening   the overall security posture.  
4. Incident Response Management:
• Proven ability to lead incident response activities, manage escalations, and communicate effectively during security events.
• Experience developing and executing incident response plans that minimize impact and facilitate recovery.
5. Leadership and Team Management:
• Demonstrated capability to lead, mentor, and develop a cybersecurity team in a matrixed organizational structure.
• Excellent interpersonal skills to foster strong relationships with team members, stakeholders, and executive leadership.
6. Strategic Planning and Communication:
• Strong strategic thinking skills to align cybersecurity initiatives with organizational goals and objectives.
• Effective verbal and written communication skills, with the ability to present complex technical information to non-technical audiences.
7. Technical Acumen:
• Deep understanding of IT and communication technologies, including networks, systems architecture, and cloud security.
• Familiarity with emerging trends in cybersecurity, risk management, and data privacy.
8. Problem-Solving Orientation:
• Strong analytical skills to troubleshoot and resolve complex cyber security issues efficiently and effectively.

Relevant Experience Required:

• Industry Experience:
• At least 5 years of leadership experience in a cyber security or IT security role specifically in the healthcare sector or closely related industries, demonstrating a clear understanding of healthcare regulations and compliance.
• C-level Collaboration:
• Proven experience in strategizing and collaborating with senior-level executives, including presentations to C-suite leadership regarding cyber risks, strategies, and recovery plans.
• Program Management:
• Experience in developing and managing comprehensive cybersecurity programs, including success in implementing security initiatives that mitigate risks and respond to evolving threat landscapes.
• Project Leadership:
• A history of successfully leading cybersecurity projects, from conception through execution, while managing resources and achieving project objectives within established timelines and budgets.
• Incident Response Experience:
• Demonstrated expertise in managing security incidents, including executing response protocols and leading post-incident analyses to improve future security measures.
• Industry Certifications:
• Holding relevant cybersecurity certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) is highly advantageous.

  Why Altera?

  At Altera Digital Health, you will have the opportunity to profoundly impact the lives of patients by empowering healthcare providers to deliver superior care. You will join a passionate and gifted team committed to innovation and excellence. We offer a competitive benefits package and the opportunity to work in a fast-paced and dynamic environment.