Manager, Threat Defense Services

Join to apply for the Manager, Threat Defense Services role at Fortified Health Security

As the thought leader in the healthcare IT security space, Fortified Health Security is looking for a Manager, Threat Defense to join our growing team! The Team Lead will share responsibility for the Threat Defense Center’s daily execution of contracted services to clients. In addition, the Manager, Threat Defense will be considered a subject matter expert (SME) of the Fortified SIEM service and will be called upon to demonstrate this knowledge to both existing and potential customers. The Manager, Threat Defense will also be responsible for training internal analysts and guiding them to become subject matter experts as well. The role will be focused on driving standardization, training, coaching, and delivery of contracted services.

The following duties are normal for this position. The omission of specific statements of duties does not exclude them from being expected of this position if the work is similar, related, or a logical assignment for this position. Other duties may be required.

• Daily execution of contracted services to clients.
• Management of the Threat Defense personnel and promoting their individual growth.
• Interfacing with clients to review environments, solve CSAT issues, & build relationships.
• Support the sales organization in their efforts to bring in new clients & services.
• Partner with Implementations to ensure smooth transition of services from inception to operations.
• Mature and develop the processes, procedures, and services of the Threat Defense.
• Create, maintain, and mature Standard Operating Procedures (SOPs) and training documentation.
• Perform advanced incident investigation.
• Ability to take lead on incident research when appropriate.
• Exercise multi-tasking skills by managing multiple projects concurrently.
• Proactively and iteratively search through logs to detect advanced threats that are unknown to the current security solutions.
• Create advanced rules based on latest security threats and events.
• Act as the SME for all technology used in service delivery.
• Present alerts, metrics and remediation tasks to customers via approved communication plans.
• Communicate effectively and clearly with clients on high level security concepts and requirements.

• Bachelor's Degree in Computer Science, Management Information Systems, or other relevant combination of training and experience.
• 5+ years of proven work experience as a System Security Engineer or Information Security Engineer.
• Advanced systems administration experience.
• Healthcare industry experience preferred.
• Familiarity with HIPAA / HITRUST.

• Proficient understanding of the following subject matters/skills:
• Incident Response, Team building, Motivating, Arbitration & Consensus, Compliance Frameworks (NIST, HIPAA, HITRUST, PCI)
• Expert understanding of the following subject matters/skills:
• Incident Response, Analytical Intelligence, Playbook Management, Relationship Management, Technical Presentation, Emotional Intelligence, Coaching, Detection & Suppression Rule Management, Scripting (Python, Bash, PowerShell), Attack Frameworks, Troubleshooting & Root Cause Analysis, Advanced Documentation, Emotional Intelligence, Written and Verbal Communication, Security Platform Health Management, Security Platform Log Analysis, Linux OS & Events, Windows OS & Events, Healthcare Operational Knowledge, Endpoint Security Knowledge, Tools, & Best Practices, User Security Knowledge, Tools, & Best Practices, Network Security Knowledge, Tools, & Best Practices, Cloud Security Knowledge, Tools, & Best Practices, Data Security Knowledge, Tools, & Best Practices
• Expert understanding of intrusion detection/prevention systems, firewalls, endpoint detection & response systems, anti-virus systems, DLP, vulnerability management, creating and managing phishing campaigns, and cloud infrastructure.
• Expert understanding of network security concepts and defense in depth.
• Expert understanding of security incident and event management (SIEM), log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation.
• Demonstrated ability to analyze, triage and remediate security incidents.
• Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.).
• Advanced understanding of OSI model, network protocols and information security concepts.
• Aware of common management techniques and the application of them to resolve conflicts and bring resolution.
• Security Certifications such as SANS, ISC2, CISSP, GIAC or Cisco are a PLUS

• Team lead with responsibility to manage the SOC team.

• Travel as needed.
• Hybrid to Brentwood, TN office

Fortified Health Security is an Equal Opportunity Employer. In compliance with the Americans with Disabilities Act, Fortified Health Security will provide reasonable accommodations to qualified individuals with disabilities. If a reasonable accommodation is needed to perform this position, you need to inform Fortified Health Security People and Culture Team of such request.

Mid-Senior level

Full-time

Other

Computer and Network Security