Description
Penn Medicine is dedicated to our tripartite mission of providing the highest level of care to patients, conducting innovative research, and educating future leaders in the field of medicine. Working for this leading academic medical center means collaboration with top clinical, technical and business professionals across all disciplines.
Today at Penn Medicine, someone will make a breakthrough. Someone will heal a heart, deliver hopeful news, and give comfort and reassurance. Our employees shape our future each day. Are you living your life's work?
Director Cybersecurity Defense Operations
Reporting to the Chief Information Security Officer (CISO), the Director Cybersecurity Defense Operations is responsible for leading and developing the cyber defense function, with the mission to anticipate, detect, and stop risk events, respond to and investigate cybersecurity incidents, and provide input to enhance cybersecurity architecture and protection measures. The organization's area of responsibility includes the 24x7 security operations center, cyber defense tooling and automation, incident response management, threat intelligence, threat hunting, and attack surface reduction.
Accountabilities:
- Owns and executes a portfolio of projects to mature all functions within area of responsibility, in alignment with the Cybersecurity strategic roadmap.
- Provides leadership and direction for the 24x7 security operations team and third party services to monitor and analyze security events with the goal of predicting and detecting information security incidents.
- Builds and leads a team of security threat management experts to envision, design, build, and implement automated threat detection and blocking solutions using behavior-based and indicator-based detection.
- Builds and leads a team of senior incident response engineers and forensic investigators to contain, investigate, mitigate and recover from information security incidents, to produce threat indicators/IOCs, and to conduct quality forensic investigations in support of IT, HR, Legal, Compliance and other stakeholders.
- Builds and leads a team of vulnerability management specialists and penetration testing engineers to identify high risk vulnerabilities of systems and drive to timely remediation of identified gaps.
- Builds and leads a team of cyber intelligence analysts to develop a formal threat modeling methodology, create and update the organization’s threat profile, gather and analyze human-focused threat intelligence from different sources, and produce and disseminate intelligence reports to business leaders and risk management SMEs.
- Establishes and sustains strong working relationships with the federal and local law enforcement community (e.g. FBI, DHS), national intelligence organizations, and industry peers with similar responsibilities.
- Establishes and maintains strong working relationships with industry peers and other external stakeholders.
- Communicates the status and accomplishments of the organization’s operational activities and projects to the company’s executive leaders, peers in the IT organization, customers and stakeholders.
- Performs duties in accordance with Penn Medicine and entity values, policies, and procedures
- Other duties as assigned to support the unit, department, entity, and health system organization
Associate Director Cybersecurity Defense Operations
Reporting to the Chief Information Security Officer (CISO), the Associate Director Cybersecurity Defense Operations is responsible for leading and developing the cyber defense function, with the mission to anticipate, detect, and stop risk events, respond to and investigate cybersecurity incidents, and provide input to enhance cybersecurity architecture and protection measures. The organization's area of responsibility includes the 24x7 security operations center, cyber defense tooling and automation, incident response management, threat intelligence, threat hunting, and attack surface reduction.
Accountabilities:
- Owns and executes a portfolio of projects to mature all functions within area of responsibility, in alignment with the Cybersecurity strategic roadmap.
- Provides leadership and direction for the 24x7 security operations team and third party services to monitor and analyze security events with the goal of predicting and detecting information security incidents.
- Builds and leads a team of security threat management experts to envision, design, build, and implement automated threat detection and blocking solutions using behavior-based and indicator-based detection.
- Builds and leads a team of senior incident response engineers and forensic investigators to contain, investigate, mitigate and recover from information security incidents, to produce threat indicators/IOCs, and to conduct quality forensic investigations in support of IT, HR, Legal, Compliance and other stakeholders.
- Builds and leads a team of vulnerability management specialists and penetration testing engineers to identify high risk vulnerabilities of systems and drive to timely remediation of identified gaps.
- Builds and leads a team of cyber intelligence analysts to develop a formal threat modeling methodology, create and update the organization’s threat profile, gather and analyze human-focused threat intelligence from different sources, and produce and disseminate intelligence reports to business leaders and risk management SMEs.
- Establishes and sustains strong working relationships with the federal and local law enforcement community (e.g. FBI, DHS), national intelligence organizations, and industry peers with similar responsibilities.
- Establishes and maintains strong working relationships with industry peers and other external stakeholders.
- Communicates the status and accomplishments of the organization’s operational activities and projects to the company’s executive leaders, peers in the IT organization, customers and stakeholders.
- Performs duties in accordance with Penn Medicine and entity values, policies, and procedures
- Other duties as assigned to support the unit, department, entity, and health system organization
Director Cybersecurity Defense Operations
Education and Experience:
- Bachelor's Degree required.
- Current internal Penn Medicine Information Services division employees may be considered with proof of active and continued enrollment in an approved bachelor's degree program.
- At least 10 years of professional experience working in Information Technology required.
- At least 7 years of professional experience working within cybersecurity required.
- At least 3 years of management/leadership experience required.
Required Skills:
- Experience in designing, building and managing 24x7 cybersecurity defense operations, using hybrid models including full time staff and external services.
- Deep understanding of and prior hands-on experience in multiple aspects of cyber defense activities including vulnerability/risk research, incident response, and others.
- Understanding of contemporary security vulnerabilities, exploitation techniques and attack vectors.
- Understanding of all major information security enforcement technology solutions, including advanced malware detection/prevention, cloud security management, network security, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.
- Demonstrated track record of successfully developing and maturing cyber risk organizations with the emphasis on delivering results.
- Demonstrated ability to establish and maintain strong working relationships with stakeholders, partners and industry peers.
- Strong skills and experience in designing and documenting complex processes, and identifying and eliminating.
- Strong track record of managing people, projects and processes
- Ability to express technical information clearly and simply to non-technical persons
- Demonstrated interpersonal/verbal communication skills
- Demonstrated customer service skills
- Demonstrated success in coordinating the activities and deliverables of project teams
- Ability to communicate effectively with all levels of staff
- Ability to navigate a political landscape with internal and external stakeholders
- Ability to work effectively with a range of business, clinical, and academic leaders
Associate Director Cybersecurity Defense Operations
Education and Experience:
- Bachelor's Degree required.
- Current internal Penn Medicine Information Services division employees may be considered with proof of active and continued enrollment in an approved bachelor's degree program.
- At least 7 years of professional experience working in Information Technology required.
- At least 5 years of professional experience working within cybersecurity required.
- At least 2 years of management/leadership experience required.
Required Skills:
- Experience in designing, building and managing 24x7 cybersecurity defense operations, using hybrid models including full time staff and external services.
- Deep understanding of and prior hands-on experience in multiple aspects of cyber defense activities including vulnerability/risk research, incident response, and others.
- Understanding of contemporary security vulnerabilities, exploitation techniques and attack vectors.
- Understanding of all major information security enforcement technology solutions, including advanced malware detection/prevention, cloud security management, network security, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.
- Demonstrated track record of successfully developing and maturing cyber risk organizations with the emphasis on delivering results.
- Demonstrated ability to establish and maintain strong working relationships with stakeholders, partners and industry peers.
- Strong skills and experience in designing and documenting complex processes, and identifying and eliminating.
- Strong track record of managing people, projects and processes
- Demonstrated interpersonal/verbal communication skills
- Ability to communicate technical information and ideas
- Demonstrated customer service skills
- Demonstrated success in coordinating the activities and deliverables of project teams
- Ability to communicate effectively with all levels of staff
- Ability to navigate a political landscape with internal and external stakeholders
- Ability to work effectively with a range of business, clinical, and academic leaders
As part of our COVID-19 response, this position may currently be offering partial or full remote work. However, in the near future this position will require full or partial on-site work.
Be a part of the exciting and ground-breaking upcoming years for the Penn Medicine Information Services department! Because growth is essential to continuing to meet the current and future needs of patients, Penn Medicine continues to expand its capabilities. Penn Medicine's Information Services (IS) Department focuses its efforts on the clinical and financial systems that support the day-to-day operations of six (6) hospitals, several satellite practices, and more than 8,923 physicians. http://www.pennmedicine.org/information-services
We believe that the best care for our patients starts with the best care for our employees. Our employee benefits programs help our employees get healthy and stay healthy. We offer a comprehensive compensation and benefits program that includes one of the finest prepaid tuition assistance programs in the region. Penn Medicine employees are actively engaged and committed to our mission. Together we will continue to make medical advances that help people live longer, healthier lives.
Live Your Life's Work
We are an Equal Opportunity and Affirmative Action employer. Candidates are considered for employment without regard to race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, familial status, genetic information, domestic or sexual violence victim status, citizenship status, military status, status as a protected veteran or any other status protected by applicable law.