Manager IS Cyber Security

Northwestern Memorial Healthcare•Chicago, IL

12d

About The Position

The Manager, IS CyberSecurity, reflects the mission, vision, and values of NM, adheres to the organization’s Code of Ethics and Corporate Compliance Program, and complies with all relevant policies, procedures, guidelines and all other regulatory and accreditation standards. The Manager, IS CyberSecurity is responsible for CyberSecurity operations and helping to ensure all systems are functional and secure. Responsibilities include, but not limited to, Threat and Vulnerability Management, Logging and Monitoring, Endpoint Protection, Incident Response, Medical Device Security, Identity Access Management, Privileged Access Management, Application and Cloud Security. This individual will also help to develop and deliver IS security standards, best practices, architecture, and systems to ensure security across the enterprise, implement procedures for auditing and addressing non-compliance to information security standards, migrate non-compliant systems to compliant systems, and help to ensure the organization is adhering to security industry best practices. This individual should possess a robust operational understanding of Security Operations and Identity technologies while also demonstrating leadership capabilities in guiding a technical team. This individual will provide input to strategic decisions that affect IS security, oversee the budget, and handle complex issues that may involve Sr. Leadership, Legal, HR, Compliance, Privacy, Law Enforcement, or other regulatory bodies. Northwestern Medicine Information Services drives innovative, high-value solutions to transform health care. We are committed to supporting the relentless pursuit of better medicine by providing exceptional service to our patients and guests as well as internal clients across the organization. To ensure excellence, our team goes to extraordinary lengths to ensure that our systems work together seamlessly. Northwestern Medicine understands that technology plays an integral role in shaping the future of health care. Information Services strategically supports the organization by: Leveraging AI, automation and rollout of advanced cyber controls that support digital transformation strategies Implementing advanced technologies in clinical and administrative areas Furthering development of the end user support model to help enhance modern infrastructure

Requirements

Bachelor’s degree.
5 years’ experience in Information Security.
2 years’ experience in a lead or manager position.
Demonstrated project management, process improvement and budgeting skills.
Demonstrated ability to effectively establish and maintain working relationships with peers and constituents at all levels of the organization.
Demonstrated analysis and problem-solving skills.
Experience working with and negotiating with external vendors and negotiating vendor contracts.
Excellent team building skills.
Excellent verbal and written communication skills.
Outstanding coordination, facilitation, consultation and conflict resolution skills.
Management experience with complex, cross-organizational systems.
Knowledge of applicable laws, guidelines or regulations as they relate to Healthcare Information Security (HIPAA, NIST, GDPR etc..).
Familiarity with Identity Management and Network Security processes, technologies and best practices.

Nice To Haves

Healthcare technology background
Information Security Certifications (CISSP, etc.)
Master’s degree in related field

Responsibilities

Manage projects, processes, resources and support activities within Security.
Manage vendor relationships, contracts and contract management policies for cost effectiveness, negotiate licensing agreements, plan for major software/infrastructure upgrades, and ensure that service management processes are used.
Demonstrate the ability to deal with the changing environment and to lead/facilitate and manage change efficiently and effectively where appropriate.
Manage operating and capital budgets to meet NMHC budget goals.
Develop and maintains strong working relationships to collaborate and partner with peers and key stakeholders.
Provide for twenty-four-hour support for technical issues and incident response.
Participate in related and relevant international and national professional organizations, and represents the NMHC at appropriate national and international forums.
Manage, mentor and influence a team of security analysts and engineers to become successful security champions. This includes responsibility of career development and growth of direct reports.