Systems Manager IT Cybersecurity

Inspired by faith. Driven by innovation. Powered by humankindness. CommonSpirit Health is building a healthier future for all through its integrated health services. As one of the nation’s largest nonprofit Catholic healthcare organizations, CommonSpirit Health delivers more than 20 million patient encounters annually through more than 2,300 clinics, care sites and 137 hospital-based locations, in addition to its home-based services and virtual care offerings. CommonSpirit has more than 157,000 employees, 45,000 nurses and 25,000 physicians and advanced practice providers across 24 states and contributes more than $4.2 billion annually in charity care, community benefits and unreimbursed government programs. Together with our patients, physicians, partners, and communities, we are creating a more just, equitable, and innovative healthcare delivery system.

• Manage the work direction and resource needs for a team of Cybersecurity Analysts and Engineers. Define strategic goals and manage performance to meet those goals, specific to security vulnerability scanning and remediation, administration of applicable toolsets and enterprise vulnerability & risk analytics.
• Manage activities relative to the day-to-day operations of vulnerability reporting and remediation; determine business and technical requirements to maintain the highest possible degree of monitoring, assessment, testing, and analysis capability. Serve as a key respondent and facilitator for proactive cyber risk remediation in the organization.
• Recruit, retain, and develop a diverse and high performing team; create an environment of continuous learning and growth development.
• Follow industry and technology trends and best practices to advise leadership and direct teams on the best employment of tools, techniques and procedures.
• Maintain a high degree of awareness of current and potential threats and risks to the company and sector.
• Develop and maintain a working relationship with internal stakeholders and third-party service providers. Work with business unit executives and service providers to introduce into and refine cybersecurity capabilities within the environment.
• Must possess a broad knowledge relating to IT infrastructure and Cybersecurity, and have in-depth and up-to-date experience with today’s enterprise level platforms and tools, including penetration testing, asset/application/service discovery, and vulnerability scanning tools, techniques, and procedures.
• Remote eligible.

• Bachelor’s degree in related field or equivalent combination of education and experience preferred.
• 7+ years in Information Technology, including 3+ years of experience managing a complex function, team or program.
• 5 years direct experience in cybersecurity operations and/or cybersecurity incident response.
• One or more relevant technical/professional security certifications (such as: COMP-TIA Network+, Security+, SANS GIAC, CISSP, CRISC, CISA, or vendor-specific) preferred.
• Experience in Windows, UNIX/Linux OS required.
• Functional understanding of regulatory and compliance mandates and frameworks, including but not limited to: HIPAA, HITECH, PCI, Sarbanes-Oxley, Center for Internet Security (CIS), NIST, or MITRE Attack Framework preferred.
• Experience conducting Vulnerability Testing (Network, Application, Database, and/or System Security), Analysis, Prioritization, and Documentation, and the management of communication with leadership and affected stakeholders preferred.
• Leadership experience preferred.
• Demonstrated ability to effectively communicate and present complex technical information to a broad audience and make recommendations with justification to leadership.
• Proven investigative and problem solving, critical thinking, root-cause analysis, and business risk analysis skills.
• Experience in the healthcare industry or critical infrastructure preferred.