Description
Your North Star : Lead a team of information security professionals to protect and defend Children's National Hospital, our patients, families, and staff.
The Manager for Information Security Platforms will be responsible for leading a team of engineers to enhance the security posture of CNH's large platforms across our core information security pillars : Architecture and Engineering, Operations, Governance and Risk Management, Identity, and Training and Exercises. They will build a holistic program in collaboration with stakeholders, recognizing the critical role that platform engineering plays in the next generation of care delivery, research, and science. We are seeking a dynamic leader who excels at inspiring others through compelling communication and storytelling. This individual should be a doer, equally comfortable managing direct reports, overseeing partners, influencing colleagues, and rolling up their sleeves to execute. Familiarity with cloud platforms, providers, and security issues in the cloud is a priority.
- Participate in the design and architecture of the security for new platform implementations in the hospital, to include but not limited to new HR solutions, improved EMR platforms, and AI platforms and initiatives.
- Manage a team that helps architect and engineer across clouds the security boundary
- Ensure the team delivers operational and maintainable solutions and designs that meet the architecture principles for CNH
- Providing leadership in defining, prioritizing and delivering initiatives associated with new platform adoption
- Advising and assisting stakeholders (staff, contractors, special category associates and providers) across the hospital in platform issues and solutions
- Participating in industry working groups and provide insights back to CNH teams on leading practices
- Advising the Director of Information Security Governance and Risk Management, the CISO, CIO, and executive leadership team on platform adoption, integration points, and potential risks and solutions.
We are currently building a small team of cloud security engineers and Identity and Access analysts who will report to this role.
Qualifications
Minimum Education
Bachelor's Degree in education, psychology, social science, or another relevant discipline (Required)Master's Degree (Preferred)Minimum Work Experience
7 years of experience in information security. (Required)3 years in a management role. (Required)Required Skills / Knowledge
Experience leading a team of information security professionalsDeep experience in Identity and Access Management and Cloud Platform SecurityBroad knowledge of relevant standards and best practices, including : HIPAA, HITRUST, NIST CSF, NIST SP 800-53 / 37, ISO 27001 / 2Experience designing and implementing technical solutions in Cloud Platforms. Experience with Sailpoint, Workday, Medical Record platform, and large platform migrations.Outstanding capability to collaborate with diverse stakeholders across all functional roles and technical capabilitiesExcellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiencesFunctional Accountabilities
Operations - Core areas of responsibility that fall under this role include :
Real time response to cyber eventsInformation security incident managementSecurity monitoring, detection, analyses and response to threat indicators, malicious activities from security systems and intelligenceIncident response, playbooks, workflows, and escalation criteria in partnership with the rest of the cybersecurity team, our MSSP, contractors, and partnersOversight and productive collaboration with our MSSPImplementation, integration, tuning, and continual improvement of our security information and event monitoring (SIEM) solution and other security toolsIn collaboration with the head of cybersecurity architecture and engineering, security tool configuration, management, and updates to protect and defend our network, devices, systemsCybersecurity investigationsThreat analysis and recommendations about changes to CN security postureReporting on performance against established security metricsAdvising the Director of Security Operations, CISO, CIO, and executive leadership team on incidents, investigations, and operational issuesIdentity - Core areas of responsibility that fall under this role include :
Ensure the secure and timely provisioning of access to applications and resources across the hospitalParticipate in the development of identity and access control policiesManage the execution of access certificationsDeveloping a roadmap for identity and access management implementation and continuous improvementOverseeing contractors responsible for delivery of IAM solutionsProviding leadership in defining, prioritizing and delivering initiatives associated with IAMAdvising and assisting stakeholders (staff, contractors, special category associates and providers) across the hospital in addressing IAM issuesParticipating in industry working groups and provide insights back to CNH teams on leading practicesDefining and reporting on metrics that provide a holistic view of IAM issuesAdvising the Director of Information Security Governance and Risk Management, the CISO, CIO, and executive leadership team on IAMTo be successful in this role you will need to be :
A leader who excels at building and inspiring outstanding teamsA manager with a proven track record of supporting staff and their personal and professional growthAn innovator who knows what it takes to execute and has a history of setting and meeting ambitions goalsA highly dependable "doer" who can work with little supervision while being resilient to changeA good listener who can check your ego at the door, allowing you to receive and provide candid feedback and criticismAn individual of high personal integrity who is able to act calmly in high-pressure and high-stress situationsLeader Accountabilities Manager :
Deliver
Set and clearly communicate team goals and priorities in alignment with departmental goals and budgetsDevelop the budget and assign resources to meet the team goalsProvide the resources and guidance required for employees to perform effectivelyDevelop procedures to ensure high safety and quality, and course-correct as neededIdentify customers' needs and ensure service excellence in meeting those needsEngage
Be the link between the department and the team in defining the strategies to meet team goalsProvide prompt and clear verbal and written feedback to staff and manage / guide their performanceEnsure team adherence to regulations, policies and proceduresManage the working environment to promote productivity and motivationRepresent the team in clearing obstacles to high performanceRecruit talents and develop their capabilitiesMonitor and promote strong employee engagementGrow
Encourage and share new ways of making the right work easier to doRecognize and share incremental improvements in operationsPromote the success of organizational and department initiatives by clearly aligning programs to the missionPrimary Location : Maryland-Silver Spring Work Locations : Inventa Towers 1 Inventa Place Silver Spring 20910 Job : Information Technology Organization : Operations Position Status : R (Regular) - FT - Full-Time Shift : Variable Work Schedule : 9 : 00-5 : 00 Job Posting : Dec 16, 2024, 3 : 38 : 06 PM Full-Time Salary Range : 125049.6 - 208436.8
