Senior Manager - Cybersecurity

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.


Why Us?

  • Best In-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relation

How is this team contributing to the vision of Providence?

We, at External Services (ES), the healthcare consulting and services arm of Providence India, help build technology solutions that modernize and simplify each step of the healthcare delivery process. And we do that by putting the patient and the provider at the center of everything we do. Using the most promising and practical ideas, combined with the experience and expertise from people from the healthcare industry, we are creating experiences that work for care facilities, their patients and move us ahead on our mission of “Health for a better world “.

 

What will you be responsible for?

  • Establish, operationalize, and continuously improve the ES Cybersecurity strategy, capabilities, and services operating out of India.
  • Oversee emerging security threats, proactive modelling, and validation.
  • Identify changes to Cybersecurity requirements, align Cybersecurity strategy and roadmap to meet those requirements.
  • Lead and manage the Cybersecurity team, providing guidance, mentorship, and support to ensure team’s success.
  • Drive change and innovation for Cybersecurity across diverse teams and time zones. Provide thought leadership on Cybersecurity – driving engineering, automation, analytics, and advanced threat analysis.
  • Provide oversight and direction for the Cybersecurity engagement model, capabilities, programs, and services. Govern adherence to policies and standards. Own, enhance, and drive the global operating model.
  • Establish deep trust relationships with customer’s key security leaders and related IT/controls and business operations personnel.
  • Engage in strategic planning with customer’s stakeholders for deployment or enhancement of Cybersecurity services and technologies.
  • Act as the primary point of contact between customer’s executive leadership and Cybersecurity teams to engage executive leadership and communicate the progress of Cybersecurity programs and services.
  • Lead the strategy, development, and delivery of Cybersecurity capabilities and services.
  • Collaborate with other Providence teams and leadership to discover and realize innovation for Cybersecurity capabilities and services.
  • Understand, advocate, and deploy Providence and ES vision, goals, and commitments within Cybersecurity teams.
  • Serve as a member of the ES extended leadership team providing expertise and input for decisions relating to security threat and risk management.
  • Build and manage a professional, creative, and collaborative team. Hire, train, and develop staff to ensure the team has both the technical and organizational skills to effectively maintain operations and support as measured by established service levels.
  • Provide responsive leadership to delegate, coordinate, and motivate staff; evaluate performance for direct reports and for contractors/other peoples’ direct reports; work with individuals and HR to improve performance as needed.
  • Oversee a team of up to 15 caregivers.

 

What would your day look like?

  • Act as the Cybersecurity leader for customer. Integrate Cybersecurity requirements into capability/service scope, strategy, programs, and operations.
  • Manage customer Cybersecurity teams and environment. Ensure adequate staffing, seamless delivery of monitoring service & timely response on the incidents.
  • Lead the identification, development, enforcement, and monitoring of security policies, standards, and procedures, including security hardening.
  • Lead security engineering for technology and security services/components, and security platforms/tools, supporting complex hosting and integration.
  • Lead technical, administrative, and physical security and risk assessments, viz. configuration review, code review, application security testing, penetration testing, IT general controls assessment, vendor risk assessment, etc.
  • Collaborate with cross-functional teams on security related matters, esp. to identify, investigate, and remediate security vulnerabilities and mitigate risks.
  • Provide leadership during security events and incidents. Help team in managing incident response including detection, analysis, containment, and resolution of security incidents. Act as an escalation contact to support investigations required.
  • Lead other Cybersecurity functions as directed, including development, and testing of automation.
  • Communicate and summarize status of operations and projects, and progress toward major initiatives to leadership as well as to direct and indirect reports.
  • Identify customers' unique cybersecurity needs, develop / tailor ES Cybersecurity services portfolio to address those needs.

 

Who are we looking for?

  • 4-year University (Bachelor’s) degree in Computer Science, Information Technology, or STEM fields, or equivalent experience.
  • 12+ years of Information Systems experience. 6+ years of Cybersecurity leadership experience.
  • Preferred few years of working experience in an Information Security role within a Healthcare, Pharma or Bio-Technology organization.
  • Key experience highlights include, demonstrated ability to create and successfully execute strategic plans for highly complex Cybersecurity requirements; implementing advanced programs and technologies; standardizing complex and disparate processes and consolidating multiple teams into a single cohesive team.
  • Technical leadership skills across a broad range of Cybersecurity areas, viz. Security Engineering, Operations, Governance, and Identity and Access Management.
  • Ability to manage functions and deliver capabilities and services with the highest complexity and broadest breadth – typically at the enterprise-level.
  • Ability to coordinate and facilitate between executive leadership, resource managers of all IT teams, project management and consulting resources.
  • Thorough knowledge of Cyber Security, Data Privacy, and technical security concepts and technologies.
  • Strong knowledge of security best practices and standards (ISO/IEC 27001/27002, 27005, 27032, 27799, NIST CSF, NIST SP 800-53, 800-39).
  • Working knowledge of one or more technology domain security (On-prem, Cloud, Network, Application, Identity and Access, etc.) and security platforms/tools (SIEM, SOAR, EDR, SSE, VA, SAST/DAST, PT, AD/Azure AD, IAM, PAM, Security Posture Monitoring, etc.).
  • Experience with writing/creation of formal documentation such as reports, slide decks, and architecture diagrams.
  • Preferred CISSP, CASP+, CISM or equivalent certification.

Providence’s vision to create ‘Health for a Better World’ aids us to provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full time, and to promote individuality and diversity of thought and background, and acknowledge its role in the organization’s success. This makes us committed towards equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law. In furtherance to our mission in building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline also, read our Code of Conduct.