What are the responsibilities and job description for the Sr.Manager- Cyber Security Risk position at Sentara?
Sentara Healthcare is seeking to hire a qualified individual to join our team as a Sr. Manager – Cyber Security Risk Professional to join our Cyber Security team!
Position Status: Full-time, Day Shift
Position Location: This position is 100% remote.
Standard Working Hours: 8:00AM to 5:00PM (ET).
Minimum Requirements:
- Experience with various industry regulations and frameworks (PCI, HIPAA, Data Privacy Laws, ISO27001/2, NIST, HITRUST, etc.)
- Experience with GRC tools such as Service Now, Archer, etc.
- Experience with risk tools such as RiskRecon, SecurityScorecard, SAFE, CORL, etc.
- Experience working in a highly regulated environment.
- Experience or understanding of risk processes and solutions.
- Strong background in security controls, auditing, network, and system security.
- Ability to express complex technical concepts in business terms.
- Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
- Regularly interact with all levels of management to present and discuss control effectiveness.
As the third-largest employer in Virginia, Sentara Healthcare was named by Forbes Magazine as one of America's best large employers. We offer a variety of amenities to our employees, including, but not limited to:
- Medical, Dental, and Vision Insurance
- Paid Annual Leave, Sick Leave
- Flexible Spending Accounts
- Retirement funds with matching contribution
- Supplemental insurance policies, including legal, Life Insurance and AD&D among others.
- Work Perks program including discounted movie and theme park tickets among other great deals
- Opportunities for further advancement within our organization
Sentara employees strive to make our communities healthier places to live. We're setting the standard for medical excellence within a vibrant, creative, and highly productive workplace. For information about our employee benefits, please visit: Benefits - Sentara (sentaracareers.com)
Join our team! We are committed to quality healthcare, improving health every day, and provide the opportunity for training, development, and growth!
Note: Sentara Healthcare offers employees comprehensive health care and retirement benefits designed with you and your family's well-being in mind. Our benefits packages are designed to change with you by meeting your needs now and anticipating what comes next. You have a variety of options for medical, dental and vision insurance, life insurance, disability, and voluntary benefits as well as Paid Time Off in the form of sick time, vacation time and paid parental leave. Team Members have the opportunity to earn an annual flat amount Bonus payment if established system and employee eligibility criteria is met.
For applicants within Washington State, the following hiring range will be applied: $112,756 - $209,000.
Essential Responsibilities:
As a leader who enjoys solving complex issues and collaborating with key internal and external stakeholders, you will be accountable for driving the successful implementation of an innovative and effective cyber security risk management program.
Primary Responsibilities:
- Lead team of cyber security risk professionals to design, implement and operationalize Sentara Healthcare’s risk management program.
- Provide management oversight and serve as the leadership point of contact for the cyber security risk team.
- Ownership of cyber security risk strategy and programs including 3rd party risk, metrics, risk and performance indicators, executive and board reporting, security integration and assessment of M&A and related ventures.
- Be responsible for overall cyber security risk management using continuous self-assessments and executive reporting.
- Provide continuous input to the CISO and help measure the cyber security risk posture of Sentara Healthcare.
- Understand key security and rick frameworks including but not limited to HIPAA, HITRUST, NIST800-171, PCI, and laws/regulations.
- Provide leadership and engage with the business to perform security assessment and ensure timely execution of projects and program while mitigating any security risks.
- Identify, recommend, and, when applicable, execute appropriate measures to manage and mitigate risks and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
- Manage and operate the third-party security risk management program and team.
- Work closely with internal groups such as Human Resources, Enterprise Risk Management, Internal Audit, Privacy, Legal, and Compliance on matters of policy and risk management.
- Develop and improve KPI/KRIs, metrics, risk register and trending.
- Mentor, coach, and train security staff.
Desired Characteristics:
- Experience leading and influencing cross-functional teams/projects.
- Demonstrated customer focus – evaluates decisions through the eyes of the customer; builds strong customer relationships and creates processes with customer viewpoint.
- Strong analytical skills – strong problem-solving skills, communicates in a clear and succinct manner and effectively evaluates information/data to make decisions; anticipates obstacles and develops plans to resolve.
- Change oriented – actively generates process improvements; supports and drives change and confronts difficult circumstances in creative ways. Self-motivated, self-directed, flexible, and able to work under pressure and in fast paced team environment.
- Demonstrated ability to lead and motivate staff and to apply skills and techniques to solve dynamic problems.
- Strong problem solving, prioritization, presentation, and facilitation skills with the ability to make recommendations to all levels of the organization.
- Strong functional team player with experience working seamlessly across a matrix structure.
- Excellent interpersonal, written/verbal communication and leadership skills with the ability to make recommendations to all levels of the organization.
- Experience with project management and execution of multiple simultaneous and / or large projects.
- Agile, LEAN or Six Sigma experience.
Requirements:
- Experience with various industry regulations and frameworks (PCI, HIPAA, Data Privacy Laws, ISO27001/2, NIST, HITRUST, etc.)
- Experience with GRC tools such as Service Now, Archer, etc.
- Experience with risk tools such as RiskRecon, SecurityScorecard, SAFE, CORL, etc.
- Experience working in a highly regulated environment.
- Experience or understanding of risk processes and solutions.
- Strong background in security controls, auditing, network, and system security.
- Ability to express complex technical concepts in business terms.
- Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
- Regularly interact with all levels of management to present and discuss control effectiveness.
Experience in lieu of Bachelor’s Degree
5 yrs relevant years’ experience with degree
7 yrs relevant years’ experience without degree
- Bachelor's Level Degree
Salary : $1,000 - $1,000,000