Overview:
Novant Health is seeking a strategic and experienced Manager of the Information Security Office to lead the daily operations of our cybersecurity program. Reporting to the Information Security Officer (ISO), this role is responsible for managing a team of security professionals, overseeing the implementation of security policies and procedures, and ensuring the protection of sensitive data and systems across the organization.
This leader will play a critical role in maintaining a secure IT environment, aligning cybersecurity initiatives with organizational goals, and managing risk to acceptable levels.
Schedule: 8:00AM - 5:00PM (On call support required, as needed).
Location: Remote
Department: ETS - Enterprise Technology Services
Key Responsibilities:
* Oversee the secure management of information systems throughout their lifecycle, ensuring compliance with cybersecurity best practices.
* Understand and manage sensitive data stored, transmitted, or processed across systems within scope.
* Enforce security principles such as least privilege and least functionality.
* Identify and respond to cybersecurity incidents and lead incident response efforts.
* Manage the daily operations of the Information Security Office, including staffing, training, and performance evaluation.
* Provide leadership, mentorship, and direction to the security team.
* Collaborate with stakeholders across departments to align security initiatives with business objectives.
* Monitor and report on the effectiveness of the cybersecurity program and risk posture.
* Ensure timely and accurate completion of all security-related tasks and projects.
Why Novant Health?
* Join a mission-driven organization committed to innovation, security, and excellence in healthcare.
* Lead a high-impact team that protects critical systems and data.
* Enjoy a collaborative culture, professional development opportunities, and a comprehensive benefits package.
Responsibilities:
It is the responsibility of every Novant Health team member to deliver the most remarkable patient experience in every dimension, every time.
* Our team members are part of an environment that fosters team work, team member engagement and community involvement.
* The successful team member has a commitment to leveraging diversity and inclusion in support of quality care.
* All Novant Health team members are responsible for fostering a safe patient environment driven by the principles of "First Do No Harm".
Qualifications:
Education: Bachelor's degree- military equivalence or a combination of education and hands on work experience required. Graduate degree preferred.
Experience: Minimum of seven or more years of proven information security experience, IT related experience, customer service experience, working on complex healthcare environment, and carrying out leadership and management principles required.
* Identity access management and trust experience strongly preferred
* SailPoint experience strongly preferred
License/Certification: Security+ or equivalent, CISSP or equivalent and ITIL Foundation, Professional Technology Cert. required.
Additional skills required: Current and future trends/practice in area of responsibility; regulatory and governing standards, policies and procedures; information systems and software used in area of responsibility; equipment used in performing assigned duties; application of safety and infection control policies and procedures; skills in interviewing and selection process; understanding of budgeting, staffing, payroll and purchasing processes; implementation of competency, feedback, development and progressive discipline processes; teambuilding; conflict management, and interpersonal relationship skills; principles of adult learning and teaching methods/models; decision making, project leadership and consultation; delegation and communication skills; understanding of customer needs and expectations and knowledge for improvement to exceed customer expectations. Ability to consistently apply critical thinking to all planning. Ability to formulate effective approaches to create necessary and sustainable change. Functional Knowledge of HIPAA, ISO 27001/27002 framework, NIST 800-53, PCI-DSS, and COBIT. Windows, MS Active Directory, Linux/Unix, Firewalls, SQL DBs, Routing, logging and monitoring, authentication systems, wireless, IDS/IPS, proxy technologies, remote access solutions (VPN, SSL, IPSEC) with two factor authentication, network security monitoring, traffic analysis, data loss prevention, forensic and eDiscovery tools, etc. Intermediate to advanced knowledge of MS Office products and SharePoint. Experience evaluating network penetration test results and application security assessments, and vulnerability reports.
Share this job:
Share this Job
