Welcome page Returning Candidate? Log back in! MANAGER, SECURITY OPERATIONS Job Locations US-IL-Springfield ID 2025-26599 Category Professional and Leadership Position Type Full-Time Overview

The Manager, Security Operations, is responsible for implementing and managing the enterprise cybersecurity program, ensuring the protection of the organization’s information assets while enabling business objectives. This role involves identifying, evaluating, and reporting on legal, regulatory, IT, and cybersecurity risks, providing actionable insights to stakeholders at all levels.

 

This position proactively collaborates with business partners to implement cybersecurity practices aligned with established policies and standards, fostering a culture of security awareness and compliance. The Manager, Security Operations, leads the development and execution of operational strategies to address emerging threats, ensure incident readiness, and maintain a robust cybersecurity posture.  Embodies Memorial Health Performance Excellence Standards of Safety, Quality, Integrity and Stewardship that support our mission, vision and values.

Qualifications

Education:

Bachelor's Degree in Computer Science, Management Information Systems, or equivalent combination of education and 5 years of experience to successfully perform the Principle Duties & Responsibilities of the job.Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework

Licensure/Certification/Registry:

Desired: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials

Experience:

Experience in qualities/skill set evident on resume Experience with the following systems preferred: Experience with risk assessment, incident response, and security audits.Familiar with DevOps security concepts and best practices, and be able to integrate security into the DevOps pipelineFamiliar with cloud security concepts and best practices, as well as the security features and capabilities of major cloud platforms such as AWS, Azure, and GCP.Familiar with security automation tools and techniques, and be able to use them to automate security tasks and improve the efficiency of the SOC.Experienced decision-maker with a proven track record of weighing relative costs and benefits of potential actions and identifying the most appropriate option.Experience managing enterprise security solutions, such as firewalls, intrusion detection systems, intrusion prevention systems, security information and event management (SIEM) systems, security orchestration, automation, and response (SOAR) platforms, and other security tools and technologies.

Other Knowledge/Skills/Abilities:

Accountability: Ability to hold people accountable to standards of performance or ensure compliance using the power of one’s position or force of personality appropriately and effectively, with the long-term good of the organization in mind. Analytical Thinking: Developing a deeper understanding of a situation, issue or problem by breaking it down or tracing its implications step-by-step. It includes organizing the parts of a situation, issue or problem systematically; making systematic comparisons of different feature or aspects; setting priorities on a rational basis; and identifying time sequences, casual relationships, or if-then relationships. Change Leadership: Ability to energize stakeholders and sustain their commitment to changes in approaches, processes, and strategies. Collaboration: Ability to work cooperatively and inclusively with other individuals and/or teams not formally lead; working together as opposed to working separately or competitively. Communication: Ability to use written and spoken communication in formal and informal situations to convey meaning, build shared understanding, and productively move agendas forward. Initiative: Ability to identify a problem, obstacle or opportunity and then take action in light of identification to address current or future problems or opportunities. Initiative emphasizes proactively doing things and no simply thinking about future actions. Project Management: Ability to plan, execute and oversee a multi-year project involving significant resources, scope and impact. Strategic Orientation: Ability to consider the business, demographic, ethno-cultural, and regulatory implications of decisions and develop strategies that continually improve the long-term success and viability of the organization.Team Leadership: Ability to lead groups of people toward shared visions and goals, from forming a team that possesses balanced capabilities, to setting its mission, values and norms, and holding colleagues accountable individually and as a group for results. Responsibilities Embodies the Memorial Health System Performance Excellence Standards of Safety, Quality, Integrity and Stewardship that support our mission, vision and values:SAFETY: Prevent Harm - I will put safety first in everything I do.  I will speak up, without fear, on matters of patient and colleague safety.  I will take action to create an environment of zero harm.QUALITY: Improve Outcomes -  I will continually advance my knowledge and skills.  I will seek out continuous improvement opportunities.  I will deliver evidence-based care that leads to excellence in outcomes.INTEGRITY: Show respect and Compassion  - I will respect others and show compassion.  I will behave honesty and ethically.  I will be accountable for my attitude, actions and health.STEWARDSHIP: Reduce Waste - I will use resources wisely and maintain financial stability.  I will work together to coordinate care and services across the health system.  I will promote healthier communitiesDefines and facilitates the operational processes for cybersecurity risk in collaboration with IS Security including the reporting and oversight of treatment efforts to address negative findings.Liaises with the enterprise architecture team to build alignment between the security and enterprise (reference) architectures, thus ensuring that cybersecurity requirements are implicit in these architectures and security is built in by designDevelops and oversees effective resilience policies and standards to align with the enterprise resilience program goals, with the realization that components supporting primary business processes may be outside the corporate perimeterCoordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areasFacilitates a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitates appropriate resource allocation, and increases the maturity of the cybersecurity, and reviews it with stakeholders at the executive and board levelsOperationalize strategic, comprehensive cybersecurity program to ensure appropriate levels of confidentiality, integrity, availability of information assets owned, controlled or/and processed by the organization as well as the meeting of safety, privacy, reliability and resilience requirements as needed.Leads the cybersecurity function across the company to ensure consistent and high-quality information security management in support of the business goalsDefine and manage IAM program that balances access with compliance and confidentiality and business requirements.Determines the cybersecurity approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areasFollow all risk remediation protocols to ensure issues are mitigated, risks are accounted for and exceptions are tracked in accordance with frameworks, policies and standards set by the organizationDocuments formal, technical incident reports for consumption by infrastructure teams and senior leadershipProvides infrastructure teams with incident support, including mitigating actions to contain activity and advisory for remedial actions.Carries out root cause analysis and investigations to advise on prevention mechanisms and configuration changes.Maintains professional growth and development through continuing education, seminars, workshops and professional affiliations.Perform other related work as required or requested.

 

 

The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job.  Incumbents may be requested to perform tasks other than those specifically presented in this description.

Options Apply for this job onlineApplyShare Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Connect With Us! Not ready to apply? Connect with us for general consideration. Application FAQs

Software Powered by iCIMS
www.icims.com