Manager Information Security Operations

Directs the efforts of others in the achievement of strategic and operational objectives of the group.

Advise and make recommendations in a strategic direction. Identify opportunities for automation standardization cost savings and business improvement. Identify gaps develop strategy and create operational plans in support of Brown University Health�s security mission.

Manage functional metric reporting requirements developing metrics delivered to executive steering committee and measuring program success. Manage resolution of problems with reporting and has responsibility for overseeing maintenance of reporting systems.

Manages Security Operations Center (SOC) surrounding SIEM Alerting / Detection (Network / Endpoint) Log Management Phishing (Detection & Response) Digital Forensics Penetration Testing Zero-Trust architecture threat-informed defense (MITRE ATT&CK) O365 and security automation.

Monitor / manage security controls across multi-cloud (Azure / AWS) environment as needed.

Develop maintain and publish up-to-date security policies standards and guidelines which align with industry best practices using control standards and regulatory frameworks. Ensure proper documentation is in place for a wide range of products including network devices virtual machines mobile devices Operating Systems and applications.

Integrate align and act as liaison with the business to ensure there is alignment to Brown University Health�s Information Security Program.

Manages third party partners and services to ensure Brown University Health receives value and performance in accordance with contractual agreements.

Drive continuous improvement against HIPAA Security Rule and NIST CSF

Develop roadmaps for enterprise security technologies.

Manage cloud / on-premises Incident Response processes including tabletop exercises for breach scenarios.

Ensure Brown University Health is prepared for external audits.

Responsible for developing and managing IS Security budget.

Maintains up-to-date technical knowledge by attending seminars vendor presentations and reading professional literature.

Participate in councils quality improvement teams and other committees as required.

Develop implement and monitor a strategic comprehensive enterprise information security and IT risk management program to ensure the integrity confidentiality and availability of information owned controlled or possessed by the organization

Oversee training and dissemination of security policies and practices

Participates in all departmental goals and strategy development. Provides assistance in negotiation and management of contracts with outside vendors.

Participate in Demonstrations/Presentations and Benchmarks

Ensure security programs are in compliance with relevant laws regulations and policies to eliminate or minimize risk and audit findings

Serve as a liaison between the information security team and corporate compliance audit finance legal marketing operations and HR management teams as required

Ensures Team RACI is always current.

Maintains work effort status within SLA�s on Brown University Health�s Service Desk Platform and Task Management Platforms. Assign tickets as required.

Attend and actively contribute to problem-management and major-incident conference calls as required providing technical guidance ensuring action-item ownership and driving timely resolution and root-cause analysis.

Attend and actively contribute to project and steering committee meetings as required.

Researches and assists in the piloting and evaluation of new tools technologies technical controls and processes to support and enforce defined security policies.

Monitor emerging threats vulnerabilities and industry best practices to ensure security controls remain effective and aligned with the evolving threat landscape.

Provide expertise on security best practices across IT infrastructure and enterprise operations to support secure business strategies.

Requires management support after normal hours for critical security incidents.

This position requires participation in a recurring on-call schedule that includes evenings and weekends. On-call responsibilities cover a wide range of IT incidents including but not limited to information security network server application and other enterprise technology issues. During general IT incident calls the manager serves in a scribe capacity documenting key details and ensuring accurate and timely entry into the service management platform.

Perform other related duties as required.

Bachelor�s degree in Management or information systems required; M.B.A. or M.S. in is preferred.

Certifications Required (3 or more - CISSP CISM CRISC GIAC CCSP Security+)

A minimum of ten years of IS experience with five years in an information security role.

Five years progressively responsible related work experience including at least two years of related supervisory/management experience in a similar environment.

Proven track record of managing remote teams.

Comprehensive understanding of risk assessment protocols to develop appropriate assessment models to evaluate program effectiveness and quantify information security and cybersecurity risks across the organization

Expert knowledge in security operations and incident response.

Experience designing and implementing secure landing zones in both Microsoft Azure and Amazon AWS.

Ability to translate technical risk into business impact for executive and clinical leadership.

Expert knowledge of third-party vendor security risk management and cyber supply chain management

Expert knowledge of regulatory requirements risk and industry standards associated with emerging technology authentication capabilities network design/security cloud computing environment the �dark web� and internet of things (IoT). Knowledge of leading Information Security industry frameworks (ie: NIST ISO SANS) and Information Security and Data governance models

Knowledge of network infrastructure including routers switches firewalls and the associated network protocols and concepts.

Ability to manage multiple high visibility deliverables simultaneously

Excellent customer service and interpersonal skills required

Must have excellent written and verbal (face-to-face and phone) communication skills including professional grammar and demeanor

Expert presentation and reporting to executive audiences

Experienced with Microsoft Excel

Experienced with vendor management selection and contracts

INDEPENDENT ACTION:

Functions independently within departmental policies and practices. Must be able to work independently in a manner to achieve goals objectives and productivity requirements. Refers unresolved complex issues to Director of Information Security where clarification of department policies and procedures may be required.

SUPERVISORY RESPONSIBILITIES:

Supervisory responsibility for up to 15 FTEs.