Description

SUMMARY

The Director is a key leadership role at Rochester Regional Health and has operational responsibility for the Information System and Technology Security Operations Center. The role is responsible for operational planning and deployment of threat intelligence, efficiency of security detection tools, threat alerting and triage, investigations and forensics, and incident / critical incident response planning, procedures, communication and coordination. The Director's scope of responsibility is system-wide and spans across the Rochester Regional Health enterprise and covers all cybersecurity threats, incidents, and investigations impacting the organization including enterprise and third/fourth party threats.

STATUS: Full time

LOCATION: Riedman Campus

DEPARTMENT: Information Technology - Security

SCHEDULE: Monday - Friday days

ATTRIBUTES

• Bachelor's degree in Information Technology, Engineering, Management, or equivalent field required.
• 3 years of Information Security cybersecurity experience required.
• Ability to collect and analyze facts from multiple sources and quickly develop and communicate hypotheses and recommendations to multiple stakeholders to facilitate rapid decision making and reach consensus.
• Knowledge of applicable global standards related to cybersecurity and privacy (NIST Cybersecurity Framework 800-53 rev 4, ISO 270XX, ISO 62443, HIPAA / HITRUST, EU standards GDPR, NISD, Common Criteria, PCI DSS)

RESPONSIBILITIES

• Threat Intelligence: Monitors and evaluate new threat intelligence. Partners with managed security providers (MSP) to integrate threat intelligence feeds into the Security Information and Event Management (SIEM) system for identification of Incidents of Compromise (IOCs) and configure alerting. Develops and communicates threat advisories.
• SIEM Engineering Planning & Coordination: Partners with MSP and IT Infrastructure & Operations to plan and integrate log source into security incident and event management system while managing SIEM EPS licensing. Works with MSP and IT Infrastructure & Operations to architect, design, implement and manage security incident and event management system. Works with MSP and IT Infrastructure & Operations to measure log and alert coverage, system health and incident response and develop associated reporting and metrics. Works with MSP and IT Infrastructure & Operations to reduce false positives and improve the fidelity of alerting.
• Threat Alerting & Detection Planning & Coordination: Develops playbooks for managing different types of security incidents. Trains staff and stakeholders on playbooks. Coordinates incident response with responsible stakeholders (e.g. GRC, Vulnerability Mgmt., IT operations, product line, R&D). Recommends configuration, tuning and other changes to prevent and detect future incidents.
• Critical Incident Response Planning & Coordination: Coordinates critical incident response with responsible stakeholders (e.g. GRC, Vulnerability Mgmt., IT operations, product line, R&D). Conducts annual tabletop exercises to test the plan and train stakeholders
• Investigations & Forensics: Conduct investigations and forensics as dictated by incidents. Contracts with outside 3rd party for forensics.

PHYSICAL REQUIREMENTS: L - Light Work - Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly; requires occasional walking, standing or squatting.

PAY RANGE: $140,000.00 - $170,000.00

The listed base pay range is a good faith representation of current potential base pay for successful applicants. It may be modified in the future. Pay is determined by factors including experience, relevant qualifications, specialty, internal equity, location, and contracts.

Rochester Regional Health is an Equal Opportunity / Affirmative Action Employer. Minority/Female/Disability/Veteran

Minimum Salary: 140000.00 Maximum Salary: 170000.00 Salary Unit: Yearly