IT CyberSecurity Manager

We are looking for a self-motivated Cybersecurity Leader to join the R1 Cybersecurity Operations Team. We focus on driving results for our customers and enabling them to invest more in patient care, which helps us grow our company and your career.

Responsibilities:

1. Lead and manage a team of Cybersecurity professionals to ensure 24/7 operations.
2. Develop and implement training programs to enhance the skills of the SOC team.
3. Conduct regular performance reviews and provide constructive feedback.
4. Coordinate with other departments across multiple regions to manage security incidents.
5. Ensure timely and accurate reporting of security incidents.
6. Manage and optimize SOC tools and technologies.
7. Ensure proper configuration and maintenance of security monitoring tools.
8. Evaluate and recommend new security tools and technologies.
9. Develop and maintain SOC policies, procedures, and playbooks.
10. Ensure compliance with industry standards and regulations.
11. Identify areas for improvement within the SOC and implement best practices.
12. Stay updated with the latest security trends and threats.
13. Design, develop, implement, and maintain security solutions.
14. Monitor security tools to identify incidents, intrusions, and malware events to protect R1's systems.
15. Generate trouble tickets and perform initial validation and triage of security incidents using OSINT and security tools.
16. Review and analyze log files for suspicious activities.
17. Follow incident response workflows for triaging and escalation.
18. Analyze incident data to determine root causes and remediation strategies.
19. Research threat intelligence sources to stay current on malware and trends.
20. Manage cases throughout the incident lifecycle for moderate security incidents.
21. Assist with compliance and change management policies and procedures.
22. Participate in cybersecurity projects and ensure security is considered from the beginning of projects.
23. Maintain metrics and reports on cybersecurity operations.

Required Qualifications:

1. Bachelor's degree in a technical discipline (e.g., Computer Science, Business Analysis, etc.).
2. At least 8 years of experience in an IT-related field.
3. Proven team management and leadership skills.
4. Excellent analytical and problem-solving skills.
5. Intermediate knowledge of security, monitoring, networking technologies, tools, protocols, and standards.
6. Security, networking, or audit certification or equivalent experience.
7. Knowledge of security policies, programs, processes, and metrics.
8. Experience with network security, firewalls, web security, SIEM, PIM, content filtering, and firewalls.
9. Experience with change management reviews and security audits.
10. Understanding of Linux and pen testing tools.
11. Experience investigating, documenting, and reporting security issues and trends.
12. Experience with threat hunting.
13. Excellent interpersonal and communication skills.
14. Self-driven, detail-oriented, and innovative problem solver.

Desired Qualifications:

1. Certifications such as CISSP, CISM, GCLD, Cloud+, CCSK, or CEH.
2. Experience with advanced cybersecurity tools, network topologies, intrusion detection, and secure networks.
3. Knowledge of NIST SP 800-61, SOC 2, and frameworks.
4. Experience with forensic data analysis.

We operate in an evolving healthcare environment, offering opportunities to learn and grow through collaboration, innovation, and meaningful work that impacts communities worldwide. We provide a culture of excellence, competitive benefits, and a comprehensive rewards package including health, insurance, paid time off, and more.

Our company is committed to equal employment opportunity and a workplace free from harassment. We welcome applications from all qualified individuals.