The Manager of Security - Incident Response position will provide operational leadership and direction to a team of technical professionals dedicated to the development and delivery of information security standards, best practices and technical solutions. Lead activities to provide the appropriate access, protection, confidentiality, integrity and availability of enterprise systems and data through effective security controls. Oversee and participate in the planning and implementation of security administration for technology projects. Serve as point-person and subject matter expert for issues and projects related to area of responsibility.
Responsible for ensuring enterprise perimeter and host-based defense (including intrusion detection, intrusion prevention, firewall management, anti-malware and identity management) services for the organization including event monitoring and analysis, tracking systems security alerts and incident handling and investigation.
Work with the business and across technology to identify current and/or potential security risks and develop, implement, drive and optimize security solutions, methodologies, policies and/or practices. Conduct risk analysis and contribute to the prioritization of information security initiatives based on risk and business need. Weigh business needs against security concerns; make recommendations and clearly articulate options (including benefits and risks) to business partners, decision makers and key stakeholders.
Conduct regular, comprehensive application and system security health checks and identify and recommend opportunities for improvement from an information security standpoint.
Lead solution design and delivery to address risks/vulnerabilities, meet requirements/needs of the business and ensure compliance with federal and state regulatory mandates and requirements. Effectively oversee multiple projects/initiatives simultaneously.
Provide oversight and leadership to an information security team (may include employees, contract personnel and/or vendor partners and their resources). Effectively manage team work load and ensure knowledge sharing and cross-training of team members to effectively support the business and execute on team/function deliverables. Develop and maintain a high-performing team through effective hiring, coaching and performance management.
Develop, maintain and champion information security requirements, policies, and procedures across the business and technology. Design and implement mechanisms for education and governance, ensuring organizational and technical compliance with policies and requirements.
Implement and manage monitoring tools, processes and procedures to effectively identify security concerns, risks and incidents. Provide end-to-end management of security incidents to ensure prompt and effective remediation.
Create and drive action plans to address recurring or ongoing information security incidents. Ensure escalation and effective hand-off of issues to other technology groups as required.
Bachelors degree in computer science, engineering or equivalent work experience
5-7 years of experience in roles with increasing responsibility in the technical fields of information security
3+ years of demonstrated success and expertise in information security methodology, concepts, and analysis/monitoring.
2+ years of (direct or indirect) leadership experience, including demonstrated success leading teams to delivery of technical solutions.
Broad technical experience including systems analysis, application development, networking, and database design and administration. .
Proven experience with fire wall theory and configuration, domain structures, user authentication and digital signatures.
CISSP, CISA, CISM or CRISC; or equivalent security certification
2+ years of experience designing and governing corporate policies while ensuring compliance with legal and regulatory statutes.
Strong presentation skills with proven ability to successfully interface with and influence at all levels
Excellent written and verbal communication skills with an emphasis on confidentiality, tact and diplomacy
Together with the University of Minnesota and University of Minnesota Physicians we have created M Health Fairview. M Health Fairview is the newly expanded collaboration among the University of Minnesota, University of Minnesota Physicians, and Fairview Health Services. The healthcare system combines the best of academic and community medicine — expanding access to world-class, breakthrough care through our 10 hospitals and 60 clinics.Fairview Health Services (fairview.org) is an award-winning, nonprofit health system providing exceptional care across the full spectrum of health care services. Fairview is one of the most comprehensive and geographically accessible systems in the state, with 10 hospitals—including an academic medical center and long-term care hospital—serving the greater Twin Cities metro area.Its broad continuum also includes 60 primary care clinics, specialty clinics, senior living communities, retail and specialty pharmacies, pharmacy benefit management services, rehabilitation centers, counseling and home health care services, medical transportation, an integrated provider network and health insurer PreferredOne. In partnership with the University of Minnesota, ...Fairview’s 32,000 employees and 2,400 affiliated providers embrace innovation to drive a healthier future through healing, discovery and education.