Director, Cybersecurity - Cyber Defense Operations

About The Position

Requirements

• Bachelor's degree in Business, Cybersecurity, Computer Science, Information Technology/Security, Risk Management, or related field or equivalent education/experience.
• CISSP-Certified Information Systems Security Professional within 1 Year of hire.
• 12 years recent relevant experience.
• Solid expertise in formal/structured information security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications.
• In-depth knowledge of information security technologies, infrastructures, methodologies, frameworks, techniques, security incident and event monitoring (SIEM) solutions (e.g., Splunk Enterprise Security, IBM QRadar, HP ArcSight, etc.), compliance reporting, and the development and implementation of these concepts to manage risk within a clinical environment.
• Extensive knowledge and understanding of current and emerging digital security trends, risks, threats, countermeasures, vulnerabilities, and mitigations ranging across the technologies required for securing applications, data centers, networks, and third-party access to data, applications, and resources.
• Broad working knowledge of health care operations and their related data/software/hardware requirements including, but not limited to, hospitals, clinics, medical offices, and their information technology needs.
• Detailed knowledge of state and federal information security, cyber security, compliance and privacy-related regulatory requirements, including a comprehensive understanding of National Institute of Standards and Technology (NIST), Federal Information Processing Standards (FIPS), and other recognized industry security standards and best practices.
• Comprehensive understanding of information confidentiality and integrity requirements especially as it relates to patient information in a healthcare environment (electronic health/medical records (EHR/EMR), Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), etc.).
• Superior business acumen and exceptional leadership skills to provide innovative solutions to complex problems and leveraging appropriate internal/external resources to meet corporate objectives.
• Expertise in building cross-functional team, fostering consensus, resolving conflicts, and managing risk, in addition to being an effective decision maker and expert delegator.
• Organizational skills with an understanding of team building and organizational dynamics, including creative problem identification and resolution, conceptualization, and contingency thinking skills.
• Advanced project management skills, including the ability to manage multidisciplinary teams that successfully define, develop, and deliver various information security solutions.
• Attention to detail with exceptional analytical skills in problem identification, analysis, and innovative resolution.
• Verbal and written communication, interpersonal, and presentation skills with the ability to present regulatory requirements, directives, ideas, and concepts effectively to a diverse audience.
• Advanced level of computer and application competency including Excel, Power Point, Word, and Project and relational database management systems.
• Adapt to changing or challenging initiatives while developing new ideas and approaches aimed at improving results.
• Foster an environment of collaboration at all levels of the organization, including engaging and influencing individuals or groups with various opinions and levels of knowledge, building consensus, and then enlisting cooperation without direct control/authority.

Nice To Haves

• Leadership experience overseeing Cyber Defense Operations functions including SOC, Incident Response, Threat Intelligence, Detection Engineering, and Incident Response in a large enterprise environment.
• Hands-on experience with SIEM, SOAR, EDR/XDR, threat hunting, automation, and security monitoring technologies.
• Proven ability to build and inspire high-performing cybersecurity teams through mentorship, Capture the Flag (CTF) events, attack demonstrations, tabletop exercises, and continuous technical development.
• Strong communication and executive presence with experience delivering cybersecurity metrics, threat intelligence reporting, operational dashboards, and risk updates to technical and business stakeholders.
• Experience defending healthcare environments and protecting critical systems, PHI, and clinical operations against modern cybersecurity threats including ransomware and advanced adversary activity.

Responsibilities

• Leads Sutter Health’s enterprise cybersecurity defense capabilities.
• Protects critical clinical, operational, and digital assets against evolving cyber threats.
• Provides strategic and operational leadership across core defensive functions including Security Operations Center (SOC), Incident Response (IR), Threat Intelligence, Detection Engineering, Security Automation, and Adversary Simulation.
• Delivers 24/7 threat detection, rapid incident containment, and coordinated response across the organization.
• Continuously improves defensive capabilities through automation, intelligence-driven operations, and measurable risk reduction.
• Drives alignment across cybersecurity, IT, clinical engineering, legal, and business teams to ensure resilience against cyber events that could impact patient care and operations.
• Owns the maturity and performance of the cyber defense program.
• Establishes roadmaps, operational metrics, and executive reporting that demonstrate control effectiveness, detection coverage, and overall security posture improvement.
• Partners closely with Security Engineering, Data Protection, and GRC leaders to ensure a fully integrated, threat-informed defense strategy aligned to enterprise risk priorities.

Benefits

• Eligible positions also include a comprehensive benefits package.