Director & Head of Cyber Security Operations

YOUR NORTH STAR: protect Children's National and our patients, families, and staff by leading the implementation, management, and continual improvement, of our cybersecurity operations.

The head of cybersecurity operations will protect CNH through the implementation, management, and continual improvement of our operational cybersecurity program. She or he will be responsible for monitoring, detection, investigation, and coordinated incident response. We are seeking a dynamic leader who excels at building and inspiring great teams. He or she is a doer who is equally comfortable managing direct reports, overseeing partners, influencing colleagues, and rolling up his/her sleeves and executing.

Minimum Education
Bachelor's Degree in a computer science, math, engineering or another relevant discipline. (Required)

Minimum Work Experience
10 years Cybersecurity with a focus on cybersecurity operations. (Required)
5 years In a management role. (Required)

Required Skills/Knowledge
Experience leading some or all of the cybersecurity operations functions, preferably in a healthcare organization.
Deep background in SOC implementation & analysis, SIEM configuration/integration/tuning, incident response, and/or investigations.
Experience reporting to and communicating with board and C-level management.
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills.
Breadth of knowledge across many cybersecurity frameworks and standards with deep expertise and implementation experience in at least one (e.g. NIST CSF, NIST RMF/800 series, ISO/IEC 27001/2, OWASP, Mitre ATT&CK framework, SNAS CIS, etc).

Functional Accountabilities
Core areas of responsibility that fall under this role include:

• Real time response to cyber events; be accountable of the security incident management from identification through remediation

• Day to day security monitoring, detection, analyses and response to threat indicators, malicious activities from security systems and intelligence

• Incident response, playbooks, workflows, and escalation criteria in partnership with the rest of the cybersecurity team, our MSSP, contractors, and partners

• Oversight of our MSSP

• Implementation, integration, tuning, and continual improvement of our security information and event monitoring (SIEM) solution and other security tools

• In collaboration with the head of cybersecurity architecture and engineering, security tool configuration, management, and updates to protect and defend our network, devices, systems

• Cybersecurity investigations

• Threat analysis and recommendations about changes to CNH security posture

• Reporting on performance against established security metrics

• Preparing clear and concise briefings for the CNH board, executive leadership, staff, regulators, auditors, outside partners, and other stakeholders