IT Cybersecurity Manager - Physical Controls

Where You'll Work

Inspired by faith. Driven by innovation. Powered by humankindness. CommonSpirit Health is building a healthier future for all through its integrated health services. As one of the nation's largest nonprofit Catholic healthcare organizations, CommonSpirit Health delivers more than 20 million patient encounters annually through more than 2,300 clinics, care sites and 137 hospital-based locations, in addition to its home-based services and virtual care offerings. CommonSpirit has more than 157,000 employees, 45,000 nurses and 25,000 physicians and advanced practice providers across 24 states and contributes more than $4.2 billion annually in charity care, community benefits and unreimbursed government programs. Together with our patients, physicians, partners, and communities, we are creating a more just, equitable, and innovative healthcare delivery system.

Job Summary and Responsibilities

This is a remote position.

Job Description

As the Cybersecurity Manager of Physical Controls Application Development, you will be responsible for overseeing the cybersecurity application development team. In this role, you will lead efforts to identify internal app development needs/opportunities, evaluate available third party products to compare options, drive appropriate requirements gathering steps, lead design strategies, manage implementation strategies, and maintain secure physical security systems, ensuring the protection of our assets, data, and personnel from cyber threats.

Responsibilities

• Collaborate with stakeholders to define technical requirements, design scalable architectures, and make informed technology stack decisions for new features and applications.
• Manage the overall application development lifecycle for design, development, configuration, and implementation of solutions to resolve technical and business issues related to information security & physical controls.
• Manage the design, development, and implementation of enhancements within the existing architecture, ensuring scalability and maintainability.
• Lead collaboration with cross-functional teams to appropriately prioritize application development needs/opportunities within information security & physical controls.
• Cybersecurity strategy and planning: Develop and execute a comprehensive cybersecurity strategy for application development, aligning it with organizational goals and industry best practices.
• Risk assessment and management: Conduct regular risk assessments and vulnerability analyses of information security & Physical Controls, identifying potential threats, vulnerabilities, and appropriate mitigation strategies.
• Security system design and implementation: Collaborate with cross-functional teams to design, integrate, and implement applications to enhance the organizations posture for information security & Physical Controls.
• Compliance and regulatory adherence: Ensure compliance with relevant industry standards, regulations, and legal requirements pertaining to information security & physical controls. Stay updated on emerging trends and regulations to maintain organizational compliance.
• Security awareness and training: Develop and deliver training programs to educate employees and stakeholders about risks associated with information security & physical controls. Promote a culture of security awareness and best practices.
• Security audits and assessments: Conduct periodic audits and assessments of internally developed applications to evaluate their effectiveness, identify vulnerabilities, and recommend enhancements.
• Vendor management: Collaborate with vendors and third-party service providers to ensure the security of information security & physical controls, including vendor risk assessments, contract reviews, and security controls implementation.
• Team leadership and collaboration: Lead and mentor a team of application development engineers, fostering a collaborative and innovative environment. Work closely with IT, facilities, and other teams to ensure appropriate application development lifecycle practices across the information security & physical controls.

Job Requirements

• Education and certifications: A bachelor's or master's degree in cybersecurity, information technology, computer science, engineering, or a related technical field preferred (or equivalent practical experience).
• Experience:
  • 7+ years of progressive experience in software development roles.
  • 5+ years of experience leading or managing a small team of developers.
  • Proven hands-on experience with Java/Spring Boot, C++, or Node.js.
  • Strong proficiency in React, Angular, Vue.js.
  • Expertise with relational databases (e.g., PostgreSQL, MySQL) and/or NoSQL databases (e.g., MongoDB, Redis).
  • Experience with cloud platforms (e.g., AWS, Azure, Google Cloud Platform) and associated services.
  • Solid understanding of CI/CD pipelines, version control (Git), and modern DevOps practices.
  • Experience with RESTful API design and development.
• Cybersecurity knowledge: In-depth understanding of cybersecurity principles, practices, and technologies, with a focus on securing physical controls technology applications. Knowledge of threat landscape, risk assessment methodologies, and incident response procedures.
• Compliance and regulatory knowledge: Familiarity with relevant industry standards and regulations, such as ISO 27001, NIST Cybersecurity Framework, and GDPR, as they apply to physical security technology.

#LI-Remote

#LI-CSH