Resp & Qualifications
PURPOSE: You will be responsible for managing CareFirsts Cybersecurity engineering team, with a strong emphasis on cloud, identity, and infrastructure security. You will execute and implement the CareFirst Cybersecurity strategic roadmap to reduce risk and to continuously deliver new functionality with security, privacy, and data protection by design. Additionally, you will be responsible for planning, developing, mentoring, leading, and monitoring work of the department and its staff. This position requires a strong engineering background, solid leadership skills, and a deep understanding of secure design, software development and enterprise infrastructure security. ESSENTIAL FUNCTIONS: Manage and develop a talented team of security engineers, motivating, coaching, mentoring, and setting goals for the team and modeling engineering excellence through Design, Documentation and Delivery capabilities. Partner with the Cybersecurity Senior Leadership Team and cybersecurity engineers in planning and delivery of the team’s roadmaps Consults with internal stakeholders to meet client delivery, quality, and cost goals. Creates a system of measurable metrics to effectively monitor the impact of the Cybersecurity program. Establish and monitor key performance indicators and ensure that performance goals are achieved. Ensures organizational procedures are aligned to maintain compliance with industry and regulatory standards. Monitors trends to ensure organizational efficiency in cybersecurity applications. Provides technology oversight of solutions such as SailPoint, Okta, Microsoft Entra, CyberArk, and Hashi Vault. Vendor management of both our software vendors and MSSPs Oversee MSSP relationships for both Red Team and External Pen Testing. Strong understanding of cloud and identity platforms, security and governance, network, infrastructure, and cybersecurity technologies preferred. Knowledge of common information security management frameworks and practices, such as ISO, NIST, HIPAA. Experience with secure coding practices, ethical hacking. QUALIFICATIONS: Education Level: Bachelor’s Degree, Computer Science, Information Technology, or related field OR in lieu of a Bachelor’s degree, an additional 4 years of relevant work experience is required in addition to the required work experience. Experience: 5 years Related professional experience, 1 year Supervisory experience or demonstrated progressive leadership experience Licenses/Certifications: CISSP Certified Information Systems Security Professional Upon Hire Preferred Certified Information Security Manager (CISM) Upon Hire Preferred CompTIA Advanced Security Practitioner (CASP) Upon Hire Preferred Knowledge, Skills and Abilities (KSAs) Ability to multitask and manage multiple IT vendor relationships. Ability to lead and work as part of a team. Ability to execute technology and tool automation processes. Deep knowledge of risk treatment and mitigation strategies. Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity. Thorough understanding of cyber threats and vulnerabilities. Must be able to effectively work in a fast-paced environment with frequently changing priorities, deadlines, and workloads that can be variable for long periods of time. Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging. Salary Range: $143,120 – $265,667 REQNUMBER: 19767 #J-18808-Ljbffr
ISO standards infrastructure systems network-security HIPAA Fast-paced environment Certified Information Security Manager (CISM) identity Certified Information Systems Security Professional (CISSP) Communication Engineering Manager cloud-computing Security metrics Design Systems Cybersecurity Leadership Cyber threats Software Developer