Summary of Position Responsible for working with our Managed Security Services vendors to ensure the services being delivered are in accordance with best (industry level) practices, especially in terms of assessments, monitoring, prevention, detection, response, mitigation, etc. Key focus areas: the Security Operations Center (SOC), Incident Response, Perimeter Security, Security Assessments (Red/Purple Teaming, Penetration Testing), and other cybersecurity services as necessary. Provide critical governance to our Managed Security Services vendors; identify and ensure implementation of secure solutions in focus areas. Principal Accountabilities
- Responsible for managing relationships with our Managed Security Services vendors, ensuring effective delivery of security services for focus areas, including adherence to SLAs, KPIs, and contractual obligations while addressing service gaps and driving continuous improvement.
- Oversee and drive our Managed Security Services vendor's Security Operations and Incident Response functions, ensuring proper detection, investigation, and response to security incidents in alignment with corporate policies and standards. Analyze trends and drive improvements in service effectiveness and threat mitigation.
- Review and assess security changes proposed and implemented by Managed Security Services vendors, ensuring alignment with enterprise security policies, standards, and architectural best practices. Provide guidance to refine solution as needed and approve changes that meet security and compliance requirements.
- Lead security assessments, including Purple Teaming, Red Teaming, and penetration testing, ensuring that identified security gaps and deficiencies are remediated.
- Enhance security operations by integrating industry best practices, emerging threats, and lessons learned from security incidents and security assessments, and identifying, recommending, and implementing new security solution.
Qualifications
- Bachelor's Degree in a relevant Information Technology field of study, such as computer/software engineering, project management or equivalent experience initiatives
- Master's degree in computer science, information technology or business preferred
- Technical certifications in related areas preferred
- Project Management (PMI) or Six Sigma/related certification preferred
- 10 - 12+ years of relevant, professional work experience, preferably in a healthcare provider environment
- 8+ years' information security experience
- 5+ years working with in an outsourced environment
- Proven management skills, as well as strong leadership skills, with the ability to lead technical teams
- In depth knowledge of Microsoft Office suite and standard business applications
- Demonstrated knowledge of standard networking protocols, computing operating systems, & LAN/WAN topology
- Must be able to gain a technical understanding of emerging technologies
- Ability to effectively and efficiently manage multiple projects and efforts simultaneously, including ability to set appropriate priorities for effect timely completion of numerous concurrent tasks and projects within defined resource limitations
- Demonstrated ability to form and maintain collaborative partnerships across a complex organization with diverse constituencies; ability to build consensus on complex and sometimes controversial subjects.
- Proven ability to work with technology vendors in the delivery of project solutions
- Industry level knowledge of technology and IT market trends
- Experience with Software Licensing and contract management
- Exceptional communication skills, both oral and written; the ability to communicate effectively by adapting approach, language and style to a wide variety of audiences, including stakeholders that are both technical and non-technical; ability to grasp and communicate the big picture while remaining conversant with details
Additional Information
- Requisition ID: 1000002648
- Hiring Range: $113,400-$210,600
|
EmblemHealth
Aug 20, 2025