• Job Description

  Req#: 3051

  Overview

  The Sr. Director of Information Security reports to the Chief Information Officer and maintains a strong relationship with Infrastructure Technology (Network Ops), IT Applications Development, IT Enterprise Data Management, and the functional departments of Partnership HealthPlan of California (Partnership). The Sr. Director is responsible for building and leading a team of Cyber Defense Operation Center (CDOC) colleagues. This position will work with various Managed Security Service Providers (MSSP) to establish and maintain threat escalation and remediation protocols including off hours. This role is to direct and manage all aspects of running an efficient team including hiring, supervising, coaching, training, disciplining, and motivating direct-reports. The Sr. Director is responsible for the development, implementation, and management of the CDOC programs and services to include threat hunting, compromise assessments, continuous monitoring, red team exercises, penetration testing, incident response and forensics. The Sr. Director is the primary conduit between the CDOC and the Security Engineers. This position ensures the internal toolsets used and needed by the Analysts and Engineers are kept up-to-date and running efficiently. The Sr. Director is primarily responsible for maintaining and coordinating the organization's incident response plan.

  Responsibilities

  • Plans, directs, and manages day-to-day activities across the CDOC. Leads the CDOC inproactively performing threat hunting, compromise assessments, penetration testing, redand blue team exercises.
  • Drives timely implementation and improvement of new tools, capabilities, frameworks,and methodologies across all teams within the CDOC, across IT and the enterprise.
  • Accountable for the timeliness and efficient identification, isolation, mitigation, andreporting of critical incidents.
  • Manages cross-functional security teams to achieve continuous improvement in cyberdefense/response. Instills and reinforces industry best practices in the domains ofincident response, cybersecurity analysis, knowledge management, and CDOCoperations.
  • Responsible for overseeing the monitoring and timely proactive response to threats inCloud environments
  • Promotes and drives implementation of automation and process efficiencies.
  • Leads strategy development, quality control, compliance, and continuous improvement ofCDOC.
  • Maintains a forward-leaning ops tempo that includes continual validation andimprovement across all CDOC functions.
  • Delivers recommendations in accordance with government and contractual requirements.
  • Provides customers with remediation recommendations.
  • Creates, reviews, and approves new procedural documentation. Conducts productevaluations of security technologies.
  • Acts as the technical expert in multiple domains to coordinate CDOC efforts duringincident and breach responses. Collaborates with other Information Technology (I.T.)teams to ensure relevant organization-wide data is processed by the CDOC.
  • Coordinates the InfoSec on-call schedule and escalation procedures.
  • Manages complex projects, engaging and updating key stakeholders, developingtimelines, leads others to complete deliverables on time and ensures implementation uponapproval. Oversees the MSSP program. Responsible for setting alert thresholds, ensuringtickets are resolved in a timely manner, toolset configurations, and project management.Ensures that CDOC toolsets and automation are always operational and alerts and eventsfrom those toolsets are triaged appropriately.
  • Conducts strategic planning to utilize resources in order to meet current and futuredepartmental and Enterprise-wide goals.
  • Plans and implements systems and procedures to maximize operating efficiency andachieve strategic priorities.
  • Develops goals, objectives and action plans for assigned staff which includes fullmanagement responsibility for the hiring, performance reviews and disciplinary mattersfor direct reporting employees.
  • Prepares briefings, reports, consultation documents and presentations that clearlyarticulate Partnership’s regulatory position and policy. Develops regulatory position andpolicy based on research and evidence.
  • Other duties as assigned

  Qualifications

  Education and Experience

  Bachelor’s degree in Information Technology or BusinessAdministration, Business Management; at least eight (8) years ofexperience leading comparable information security or technologyteams with at least six (6) years of management/supervisoryexperience. Operational experience configuring and managing asecurity Information and Event Management (SEIM) platform.Operational experience monitoring cloud computing (e.g., AWS,Azure, etc.) and SaaS environments. Experience with leading theresponse to crises, incidents, and investigations. Operational experiencemanaging in a regulated environment (e.g., classified networks,healthcare, finance, banking, etc.). Experience reporting on CDOCactivities and deliver recommendations in accordance with governmentand contractual requirements.

  Special Skills, Licenses and Certifications

  Strong understanding of networking and communication protocols(such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP/S, etc.). Exceptionaloperational rigor with extensive real-world experience in SOCmethodologies and frameworks for I.T. operations (e.g., InformationTechnology Infrastructure Library (ITIL), National Institute ofStandards and Technology (NIST), etc.). Demonstrated ability tomanage complex projects in an effective manner. Must possess a strongservice mindset. Ability to provide threat and vulnerability analysissecurity advisory services. Excellent verbal, written communicationand presentation skills. Has experience in DarkWeb knowledge andsearch methodologies. Strong knowledge and skills with Cloudconcepts and experience performing monitoring and responding tothreats in Cloud environments. Demonstrated ability to fosterteamwork and unity among team members that allows for disagreementover ideas, conflict and expeditious resolution, and the appreciation ofdiversity. Broad and deep technical knowledge and experience acrossvarying infrastructure requirements, development, design, and reengineering. Either a Certified Information Systems SecurityProfessional (CISSP) or Certified Information Security Director(CISM) is required. The following certifications are preferred:Certified Ethical Hacker (CEH), Certified Hacking ForensicInvestigator (CHFI), GIAC Certified Detection Analyst (GCDA) orOffensive Security Certified Professional (OSCP).

  Performance Based Competencies

  Ability to quickly acquire in-depth knowledge of Partnership’sinfrastructure and managed care issues. Ability to self-manage anddevelop timelines for projects required. Ability to work effectively withemployees at all levels in the organization. Ability to maintaincomplete confidentiality of member, employee, and Partnership

  information. Strong written and oral communication skills with abilityto interpret and understand technical requirements. Excellent analyticalskills to troubleshoot and resolve systems problems.

  Work Environment And Physical Demands

  More than 80% of work time is spent in front of a computer monitor.May be required to lift, carry, or move equipment of varying size,weighing up to 50 lbs. May be required to bend, stoop, kneel, crawl, orwork in other non-standing and non-sitting positions.

  All HealthPlan employees are expected to:

  • Provide the highest possible level of service to clients;
  • Promote teamwork and cooperative effort among employees;
  • Maintain safe practices; and
  • Abide by the HealthPlan’s policies and procedures as they may from time to time be updated.

  HIRING RANGE:

  $208,615.57 - $281,633.32

  IMPORTANT DISCLAIMER NOTICE

  The job duties, elements, responsibilities, skills, functions, experience, educational factors and the requirements and conditions listed in this job description are representative only and not exhaustive of the tasks that an employee may be required to perform. The employer reserves the right to revise this job description at any time and to require employees to perform other tasks as circumstances or conditions of its business, competitive considerations, or work environment change.

• About the company

  Partnership HealthPlan of California, is an independent, public/private organization serving over 550,000 Medi-Cal beneficiaries in 14 northern California counties: Del Norte County, Humboldt County, Lake County, Lassen County, Marin County, Mendocino ...

Notice