Job Details

Director, Information and Cyber Security

Advertiser
Evolent Health
Location
Los Angeles (Downtown), California, United States
Rate
-

What You'll Be Doing:

The Director, Information and Cyber Security, will be responsible for information and cyber security functions including construction and management of these operational functions:

  • Security Engineering & Operations:
    • Cyber Security, Security Architecture/Engineering, Identity and Access Management & Governance, Inter-connection monitoring, Physical Security, External/Internal Threat Management, Incident Response
  • Security Operations Center (SOC):
    • CIRT/CSIRT, Situational Awareness and Common Operating Picture, Intelligence Collection (Logging & Monitoring), Vulnerability, Virus and Malicious Code Management
    • Advanced Security operations such as machine learning, environmental (network/applications) operations baselines, user profile and usage understanding, active threat and vulnerability hunting and exploitation leading to Real Time readiness, reduction of manual intervention through the use of leading edge technologies that employ modern solutions (low code/no code/play book process automation)
  • Emergency Operations & Incident Management (virtual and physical threats):
    • CERT, Test, Exercise and Conduct Drills of Response Plans, Problem Management, Root Cause Analysis, and After-Action Reports
  • Security PMO:
    • Budget, IT DR, Business Enablement and Continuity, Sales and Product Delivery Lifecycle, IT Audit, Governance, Risk and Compliance (GRC), Personnel and External Relationships

CROSS-FUNCTIONAL RELATIONSHIPS

  • Provide the organization with strategic information and cyber security vision that executes in a timely manner and is able to adjust appropriately to ever-evolving threat and compliance landscape.
  • Foster relationships with middle to senior management, and senior executives across a range of functions including Risk Management and Technology
  • Regular interaction with the Senior Leadership Team
  • Ability to exert influence in operational areas with no direct leadership authority

RESPONSIBILITIES

  • Providing clear, consistent leadership, advice and representation on all aspects of Information and Cyber Security
  • Demonstrating effective management, communication, and negotiation skills to drive complex initiatives towards completion including those with a cross boarder dimension
  • Foster collaborative and supportive relationships that promote effective Information Security risk management and key information security initiatives
  • Interfacing and negotiating effectively with a wide range of audiences, including senior management and external vendors and customers
  • Collaborate with a range of functions including Compliance, Privacy and the enterprise to monitor developments in the areas of legal, regulatory, corporate requirements, technological developments, and best practices in the information and cyber security governance and compliance field
  • Direct/Steer the creation and lifecycle management of a comprehensive monitoring and reporting regiment for Information and Cyber Security to identify, manage, track, remediate and communicate information security risks, audit risks and vulnerabilities
  • Other duties as assigned.

The Experience You'll Need (Required):

  • Advanced knowledge of applicable local and global laws and regulations as they relate to Information and Cyber Security and the effective management of Security Risks.
  • 10+ years of individual contributor and/or managerial experience in information security including successfully managing contract acquisitions, mergers, acquisitions and related activities
  • 10+ years IT experience required. People management and leadership experience within Commercial Payer and Public Sector heath care.
  • Experience with building and accrediting Information and Cyber Security organizations and programs from the ground-up in a NIST 800-53, FISMA (Moderate & High) and Hi-Trust environment.
    • Demonstrable experience in implementing strategic plans and managing an information and cyber security program.
    • Extensive experience in the design and testing of formal Key Controls in support of compliance to a range of regulatory and legislative requirements including Sarbanes-Oxley, FISMA, NIST, Hi-Trust, etc.
    • Extensive experience managing various types of audits - SOC 2, 912, ISO, Pen Tests, etc.
  • Proven ability to successfully partner with internal and external clients and vendors to align strategy with deliverables, identify business challenges and develop alternatives to mitigate risks, control gaps and vulnerabilities
    • Previous experience with implementing and managing Splunk, SecureWorks, GRC tools, closed loop compliance, continuous monitoring programs, advanced threat hunting, machine learning, user profiling, etc.,
  • Enterprise level experience including managing and successfully delivering cross functional initiatives
  • Strong professional experience dealing with internal risk and compliance as well as associated certifications eg CISSP, CISM, CISA, etc.
  • A university degree in Information or Technology Management or Risk Management or equivalent work/military experience.
  • Advanced understanding an experience in managing business processes and budgeting skills
  • Exceptional and proven leadership capabilities - communication, influence & negotiation, conflict resolution, people management, relationship management (internal/external), and team building
  • Enjoys working in a team-oriented, collaborative environment
  • Strong service management and service delivery orientation
  • Excellent written, oral, and interpersonal communication skills
  • Ability to present ideas in at appropriate levels for different audiences
  • Proven ability to work within a changing environment and provide vision in leading the implementation of change
  • Ability to apply change management principles to initiatives of variable sizes and degrees of complexities
  • Ability to assess the impact or potential impact of change management initiatives of various sizes and degrees of complexities on business financials and performance
  • Advanced level of creativity, strategic thinking and problem management skills
  • Ability to conduct and direct research into information security issues
  • Self-motivated, self-directed, attentive to detail, and able to multi-task
  • Ability to effectively prioritize and execute tasks

Send application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!

latest videos

Upcoming Events