Manager, Information Security

About The Position

Requirements

• Bachelor's degree or equivalent experience
• At least 10-years prior relevant experience, including 4 years of management experience and at least 1 year of leading one or more critical cybersecurity functions
• Requires strong knowledge of security operations, incident response, SIEM platforms, and threat detection technologies
• Requires direct experience building and leading a high functioning 24x7 SOC operation, security incident management, and investigations & forensics function
• Familiarity with frameworks such as MITRE ATT&CK, NIST, HIPAA, and CIS Controls
• Requires exceptional communication skills with both technical teams and non-technical stakeholders
• Strong understanding of Agile delivery models and backlog management
• Ability to manage multiple complex workstreams and successfully interact with all levels of management
• Experience with regulatory certifications such as HIPAA, SOC2, PCI-DSS and FedRAMP
• Understanding of advanced management approaches such as scheduling for internal & external resources, prioritizing across competing requests, budget management and oversight, coaching & mentoring direct reports, risk management, and delegation
• Excellent verbal / written communication, collaboration, analytical and presentation skills

Nice To Haves

• Industry certifications such as CISSP, CISM, GIAC, or equivalent highly desired
• Experience with AI/ML concepts and tools desired
• Preferred experience working within the Healthcare industry

Responsibilities

• Execute information technology strategies, plans, and priorities for a comprehensive information security program
• Create relationships within Blue Shield to understand business requirements and work with them to accomplish those requirements within the security framework
• Manage staff in the planning, design, and support the security technology stack
• Develop and maintain relationships with managers in business unit teams and the IT teams to drive security plans
• Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs
• Lead and manage the 24/7 Security Operations Center (SOC), overseeing real-time monitoring, detection, and response to threats
• Integrate and optimize AI-driven threat detection tools, machine learning models, and behavioral analytics to identify anomalies across systems and data
• Develop and maintain automated playbooks for common security incidents to improve response times and reduce analyst fatigue.
• Continually enhance forensic and investigation capabilities to meet the needs of the organization
• Track and report on performance metrics and KPIs for security operations, automation efficiency, and AI tool effectiveness
• Serve as a security innovation leader, staying ahead of emerging technologies and integrating them into SOC strategy
• Drive continual maturation of our incident response program, consistent with proven industry best practices and maturity models.
• Own end-to-end delivery status, ensuring transparency, operational excellence, accountability, and timely updates across stakeholders
• Collaborate closely with external vendors, as well as internal product and engineering leads to coordinate and manage delivery when third-party solutions are part of the implementation
• Remove blockers and ensure delivery stays aligned with roadmaps and business outcomes