Your North Star: Lead a team of information security professionals to protect and defend Children's National Hospital, our patients, families, and staff. The Manager for Information Security Platforms will be responsible for leading a team of engineers to enhance the security posture of CNH's large platforms across our core information security pillars: Architecture and Engineering, Operations, Governance and Risk Management, Identity, and Training and Exercises. They will build a holistic program in collaboration with stakeholders, recognizing the critical role that platform engineering plays in the next generation of care delivery, research, and science. We are seeking a dynamic leader who excels at inspiring others through compelling communication and storytelling. This individual should be a doer, equally comfortable managing direct reports, overseeing partners, influencing colleagues, and rolling up their sleeves to execute. Familiarity with cloud platforms, providers, and security issues in the cloud is a priority.
- Participate in the design and architecture of the security for new platform implementations in the hospital, to include but not limited to new HR solutions, improved EMR platforms, and AI platforms and initiatives.
- Manage a team that helps architect and engineer across clouds the security boundary
- Ensure the team delivers operational and maintainable solutions and designs that meet the architecture principles for CNH
- Providing leadership in defining, prioritizing and delivering initiatives associated with new platform adoption
- Advising and assisting stakeholders (staff, contractors, special category associates and providers) across the hospital in platform issues and solutions
- Participating in industry working groups and provide insights back to CNH teams on leading practices
- Advising the Director of Information Security Governance and Risk Management, the CISO, CIO, and executive leadership team on platform adoption, integration points, and potential risks and solutions.
We are currently building a small team of cloud security engineers and Identity and Access analysts who will report to this role.
Qualifications: Minimum Education - Bachelor's Degree in education, psychology, social science, or another relevant discipline (Required)
- Master's Degree (Preferred)
Minimum Work Experience - 7 years of experience in information security. (Required)
- 3 years in a management role. (Required)
Required Skills/Knowledge - Experience leading a team of information security professionals
- Deep experience in Identity and Access Management and Cloud Platform Security
- Broad knowledge of relevant standards and best practices, including: HIPAA, HITRUST, NIST CSF, NIST SP 800-53/37, ISO 27001/2
- Experience designing and implementing technical solutions in Cloud Platforms. Experience with Sailpoint, Workday, Medical Record platform, and large platform migrations.
- Outstanding capability to collaborate with diverse stakeholders across all functional roles and technical capabilities
- Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
Functional Accountabilities Operations - Core areas of responsibility that fall under this role include:
- Real time response to cyber events
- Information security incident management
- Security monitoring, detection, analyses and response to threat indicators, malicious activities from security systems and intelligence
- Incident response, playbooks, workflows, and escalation criteria in partnership with the rest of the cybersecurity team, our MSSP, contractors, and partners
- Oversight and productive collaboration with our MSSP
- Implementation, integration, tuning, and continual improvement of our security information and event monitoring (SIEM) solution and other security tools
- In collaboration with the head of cybersecurity architecture and engineering, security tool configuration, management, and updates to protect and defend our network, devices, systems
- Cybersecurity investigations
- Threat analysis and recommendations about changes to CN security posture
- Reporting on performance against established security metrics
- Advising the Director of Security Operations, CISO, CIO, and executive leadership team on incidents, investigations, and operational issues
Identity - Core areas of responsibility that fall under this role include:
- Ensure the secure and timely provisioning of access to applications and resources across the hospital
- Participate in the development of identity and access control policies
- Manage the execution of access certifications
- Developing a roadmap for identity and access management implementation and continuous improvement
- Overseeing contractors responsible for delivery of IAM solutions
- Providing leadership in defining, prioritizing and delivering initiatives associated with IAM
- Advising and assisting stakeholders (staff, contractors, special category associates and providers) across the hospital in addressing IAM issues
- Participating in industry working groups and provide insights back to CNH teams on leading practices
- Defining and reporting on metrics that provide a holistic view of IAM issues
- Advising the Director of Information Security Governance and Risk Management, the CISO, CIO, and executive leadership team on IAM
To be successful in this role you will need to be:
- A leader who excels at building and inspiring outstanding teams
- A manager with a proven track record of supporting staff and their personal and professional growth
- An innovator who knows what it takes to execute and has a history of setting and meeting ambitions goals
- A highly dependable doer who can work with little supervision while being resilient to change
- A good listener who can check your ego at the door, allowing you to receive and provide candid feedback and criticism
- An individual of high personal integrity who is able to act calmly in high-pressure and high-stress situations
Leader Accountabilities Manager: Deliver
- Set and clearly communicate team goals and priorities in alignment with departmental goals and budgets
- Develop the budget and assign resources to meet the team goals
- Provide the resources and guidance required for employees to perform effectively
- Develop procedures to ensure high safety and quality, and course-correct as needed
- Identify customers' needs and ensure service excellence in meeting those needs
Engage
- Be the link between the department and the team in defining the strategies to meet team goals
- Provide prompt and clear verbal and written feedback to staff and manage/guide their performance
- Ensure team adherence to regulations, policies and procedures
- Manage the working environment to promote productivity and motivation
- Represent the team in clearing obstacles to high performance
- Recruit talents and develop their capabilities
- Monitor and promote strong employee engagement
Grow
- Encourage and share new ways of making the right work easier to do
- Recognize and share incremental improvements in operations
- Promote the success of organizational and department initiatives by clearly aligning programs to the mission