Senior Manager - Security Operations
How is this team contributing to the vision of Providence?
We, at External Services (ES), the healthcare consulting and services arm of Providence India, help build technology solutions that modernize and simplify each step of the healthcare delivery process. And we do that by putting the patient and the provider at the center of everything we do. Using the most promising and practical ideas, combined with the experience and expertise from people from the healthcare industry, we are creating experiences that work for care facilities, their patients and move us ahead on our mission of “Health for a better world “.
What will you be responsible for?
- Establish, operationalize, and continuously improve the ES Cybersecurity strategy, capabilities, and services operating out of India.
- Oversee emerging security threats, proactive modelling, and validation.
- Identify changes to Cybersecurity requirements, align Cybersecurity strategy and roadmap to meet those requirements.
- Lead and manage the Cybersecurity team, providing guidance, mentorship, and support to ensure team’s success.
- Drive change and innovation for Cybersecurity across diverse teams and time zones. Provide thought leadership on Cybersecurity – driving engineering, automation, analytics, and advanced threat analysis.
- Provide oversight and direction for the Cybersecurity engagement model, capabilities, programs, and services. Govern adherence to policies and standards. Own, enhance, and drive the global operating model.
- Establish deep trust relationships with customer’s key security leaders and related IT/controls and business operations personnel.
- Engage in strategic planning with customer’s stakeholders for deployment or enhancement of Cybersecurity services and technologies.
- Act as the primary point of contact between customer’s executive leadership and Cybersecurity teams to engage executive leadership and communicate the progress of Cybersecurity programs and services.
- Lead the strategy, productization, sales and delivery of Cybersecurity capabilities and services.
- Collaborate with other Providence teams and leadership to discover and realize innovation for Cybersecurity capabilities and services.
- Understand, advocate, and deploy Providence and ES vision, goals, and commitments within Cybersecurity teams.
- Serve as a member of the ES extended leadership team providing expertise and input for decisions relating to security threat and risk management.
- Build and manage a professional, creative, and collaborative team. Hire, train, and develop staff to ensure the team has both the technical and organizational skills to effectively maintain operations and support as measured by established service levels.
- Provide responsive leadership to delegate, coordinate, and motivate staff; evaluate performance for direct reports and for contractors/other peoples’ direct reports; work with individuals and HR to improve performance as needed.
- Oversee a team of up to 15 caregivers.
What would your day look like?
- Act as the Cybersecurity leader for customer. Integrate Cybersecurity requirements into capability/service scope, strategy, programs, and operations.
- Manage customer Cybersecurity teams and environment. Ensure adequate staffing, seamless delivery of monitoring service & timely response on the incidents.
- Lead the identification, development, enforcement, and monitoring of security policies, standards, and procedures, including security hardening.
- Lead security engineering for technology and security services/components, and security platforms/tools, supporting complex hosting and integration.
- Lead technical, administrative, and physical security and risk assessments, viz. configuration review, code review, application security testing, penetration testing, IT general controls assessment, vendor risk assessment, etc.
- Collaborate with cross-functional teams on security related matters, esp. to identify, investigate, and remediate security vulnerabilities and mitigate risks.
- Provide leadership during security events and incidents. Help team in managing incident response including detection, analysis, containment, and resolution of security incidents. Act as an escalation contact to support investigations required.
- Lead other Cybersecurity functions as directed, including development, and testing of automation.
- Communicate and summarize status of operations and projects, and progress toward major initiatives to leadership as well as to direct and indirect reports.
- Identify customers' unique cybersecurity needs, develop / tailor ES Cybersecurity services portfolio to address those needs.
Who are we looking for?
- 4-year University (Bachelor’s) degree in Computer Science, Information Technology, or STEM fields, or equivalent experience.
- 12+ years of Information Systems experience. 6+ years of Cybersecurity leadership experience.
- Preferred few years of working experience in an Information Security role within a Healthcare, Pharma or Bio-Technology organization.
- Key experience highlights include, demonstrated ability to create and successfully execute strategic plans for highly complex Cybersecurity requirements; implementing advanced programs and technologies; standardizing complex and disparate processes and consolidating multiple teams into a single cohesive team.
- Technical leadership skills across a broad range of Cybersecurity areas, viz. Security Engineering, Operations, Governance, and Identity and Access Management.
- Ability to manage functions and deliver capabilities and services with the highest complexity and broadest breadth – typically at the enterprise-level.
- Ability to coordinate and facilitate between executive leadership, resource managers of all IT teams, project management and consulting resources.
- Thorough knowledge of Cyber Security, Data Privacy, and technical security concepts and technologies.
- Strong knowledge of security best practices and standards (ISO/IEC 27001/27002, 27005, 27032, 27799, NIST CSF, NIST SP 800-53, 800-39).
- Working knowledge of one or more technology domain security (for On-prem, Cloud, Network, Application, Identity and Access, etc.) and security platforms/tools (for SIEM, SOAR, EDR, VA, SAST/DAST, PT, AD/Azure AD, IAM, PAM, Security Posture Monitoring, etc.).
- Experience with writing/creation of formal documentation such as reports, slide decks, and architecture diagrams.
- Preferred CISSP, CASP+, CISM or equivalent certification.