Overview
Remote
On Site
Full Time
Skills
Innovation
Reporting
Collaboration
Legal
Information Security
Software Development
API
Program Development
Software Security
Scripting
Web Development
IT Infrastructure
Vulnerability Scanning
Information Technology
Cyber Security
Microsoft Windows
Unix
Linux
Regulatory Compliance
HIPAA
HITECH
Payment Card Industry
Sarbanes-Oxley
OWASP
Internet Security
Web Application Security
SCA
Testing
Network
Database
System Security
Documentation
Management
Communication
Web Applications
Python
Java
JavaScript
C++
C#
Leadership
Problem Solving
Conflict Resolution
Critical Thinking
Root Cause Analysis
Risk Analysis
Health Care
Job Details
Overview
Inspired by faith. Driven by innovation. Powered by humankindness. CommonSpirit Health is building a healthier future for all through its integrated health services. As one of the nation's largest nonprofit Catholic healthcare organizations, CommonSpirit Health delivers more than 20 million patient encounters annually through more than 2,300 clinics, care sites and 137 hospital-based locations, in addition to its home-based services and virtual care offerings. CommonSpirit has more than 157,000 employees, 45,000 nurses and 25,000 physicians and advanced practice providers across 24 states and contributes more than $4.2 billion annually in charity care, community benefits and unreimbursed government programs. Together with our patients, physicians, partners, and communities, we are creating a more just, equitable, and innovative healthcare delivery system.
Responsibilities
This is a remote position.
Job Summary
CommonSpirit Health is seeking a highly motivated Cybersecurity Manager to lead Cybersecurity Analysts and Engineers in the pursuit of actionable cyber risk throughout the organization specific to web application security.
As a manager within Cybersecurity, you will be responsible to effectively create, communicate, and coordinate tactical direction and implementation of cybersecurity risk discovery operations and remediation efforts in support of key organization initiatives and strategy.
The Cybersecurity Manager will report to the Director, Attack Surface Management, as part of the overall Cyber Vigilance and Defence group, which is focused on identifying, protecting, responding and containing threats, vulnerabilities, and weaknesses with respect to the overall CommonSpirit organization.
The management of cybersecurity risk discovery operations and remediation efforts are grounded in the proactive detection of cyber risk. Once a cyber risk to the organization has been identified, collaborative development of action plans and timelines ensure that key stakeholders are involved and can act quickly to protect the organization. You will collaborate with leaders throughout the organization. You will foster relationships with key business partners, internal technology and cybersecurity teams, and external vendors to leverage technology to enable detection of cyber risk. You will remain knowledgeable about security issues, vulnerabilities, regulatory, legal, and security policies and standards that may impact information security.
Job Responsibilities
Qualifications
#LI-Remote
#LI-CSH
Inspired by faith. Driven by innovation. Powered by humankindness. CommonSpirit Health is building a healthier future for all through its integrated health services. As one of the nation's largest nonprofit Catholic healthcare organizations, CommonSpirit Health delivers more than 20 million patient encounters annually through more than 2,300 clinics, care sites and 137 hospital-based locations, in addition to its home-based services and virtual care offerings. CommonSpirit has more than 157,000 employees, 45,000 nurses and 25,000 physicians and advanced practice providers across 24 states and contributes more than $4.2 billion annually in charity care, community benefits and unreimbursed government programs. Together with our patients, physicians, partners, and communities, we are creating a more just, equitable, and innovative healthcare delivery system.
Responsibilities
This is a remote position.
Job Summary
CommonSpirit Health is seeking a highly motivated Cybersecurity Manager to lead Cybersecurity Analysts and Engineers in the pursuit of actionable cyber risk throughout the organization specific to web application security.
As a manager within Cybersecurity, you will be responsible to effectively create, communicate, and coordinate tactical direction and implementation of cybersecurity risk discovery operations and remediation efforts in support of key organization initiatives and strategy.
The Cybersecurity Manager will report to the Director, Attack Surface Management, as part of the overall Cyber Vigilance and Defence group, which is focused on identifying, protecting, responding and containing threats, vulnerabilities, and weaknesses with respect to the overall CommonSpirit organization.
The management of cybersecurity risk discovery operations and remediation efforts are grounded in the proactive detection of cyber risk. Once a cyber risk to the organization has been identified, collaborative development of action plans and timelines ensure that key stakeholders are involved and can act quickly to protect the organization. You will collaborate with leaders throughout the organization. You will foster relationships with key business partners, internal technology and cybersecurity teams, and external vendors to leverage technology to enable detection of cyber risk. You will remain knowledgeable about security issues, vulnerabilities, regulatory, legal, and security policies and standards that may impact information security.
Job Responsibilities
- Manage the work direction and resource needs for a team of Cybersecurity Analysts and Engineers. Define strategic goals and manage performance to meet those goals, specific to web application security including dynamic application security testing, secure software development, vulnerability scanning and remediation, API assessment, scripts monitoring, web application security program development, as well as vendor engagement related to these areas.
- Manage activities relative to the day-to-day operations of dynamic application security testing and scripts monitoring; determine business and technical requirements to maintain the highest possible degree of monitoring, assessment, testing, and analysis capability. Serve as a key respondent and facilitator for proactive cyber risk remediation in the organization.
- Recruit, retain, and develop a diverse and high performing team; create an environment of continuous learning and growth development.
- Follow industry and technology trends and best practices to advise leadership and direct teams on the best employment of tools, techniques and procedures.
- Maintain a high degree of awareness of current and potential threats and risks to the company and healthcare sector.
- Develop and maintain a working relationship with third-party service providers. Work with business unit executives and service providers to introduce into and refine cybersecurity capabilities within the environment.
- Must possess a broad knowledge relating to web application development, IT infrastructure and Cybersecurity, and have in-depth and up-to-date experience with today's enterprise level applications, platforms, and tools, including asset/application/service discovery, web application security testing tools (dynamic, static, composition analysis) and other vulnerability scanning and application monitoring tools, techniques, and procedures.
Qualifications
- Bachelor's degree in related field or equivalent combination of education and experience preferred
- 10+ years in Information Technology, including 3+ years of experience managing a complex function, team or program.
- 5+ years direct experience in cybersecurity operations related to web application security testing.
- Experience in Windows, UNIX/Linux OS required.
- Functional understanding of regulatory and compliance mandates and frameworks, including but not limited to: HIPAA, HITECH, PCI, Sarbanes-Oxley, OWASP, Center for Internet Security (CIS), NIST, or MITRE Attack Framework preferred.
- Experience conducting Web Application Security Testing (DAST, SAST, SCA, RASP, IAST), and Vulnerability Testing (Network, Application, Database, and/or System Security), Analysis, Prioritization, and Documentation, and the management of communication with leadership and affected stakeholders preferred.
- Experience creating, administering, and maintaining web applications and/or APIs preferred.
- Familiarity with coding languages such as Python, Java, JavaScript, C++, C# or others preferred.
- Leadership experience preferred
- Demonstrated ability to effectively communicate and present complex technical information to a broad audience and make recommendations with justification to leadership.
- Proven investigative and problem solving, critical thinking, root-cause analysis, and business risk analysis skills.
- Experience in the healthcare industry or critical infrastructure preferred
#LI-Remote
#LI-CSH
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.