Director of Information Security (CTEM)

Details

• Department : Security
• Schedule : Full Time Monday - Friday 8-5pm CT
• Location : Remote

Benefits

Paid time off (PTO)

Various health insurance options & wellness plans

Retirement benefits including employer match plans

Long-term & short-term disability

Employee assistance programs (EAP)

Parental leave & adoption assistance

Tuition reimbursement

Ways to give back to your community

Please note, benefits and benefits eligibility can vary by position, exclusions may apply for some roles (for example : Travel, PRN, Short-Term Option, etc.

Actual compensation offer will vary based upon role, education, experience, location, and qualifications. Connect with your Talent Advisor for additional specifics.

Responsibilities

Ascension is hiring a Director of Information Security (CTEM) working with our Continuous Threat Exposure Management Program.

Responsibilities :

This position will focus on cybersecurity to include some or all of the following areas : infrastructure security, cloud computing, identity and access management, log management, endpoint security and / or email security.

Candidates must possess a high level of experience in management of complex, interrelated systems, and lead teams with a diverse set of skills to achieve results.

This candidate will have demonstrated knowledge in the following areas : All common server and desktop operating systems, all major cloud computing security and management consoles, endpoint management tools, logging and backup strategies, general network and firewall management, SIEM / SOAR integration with on-prem and cloud-based infrastructure, email and cloud-based workspace security, and directory services.

In addition to the qualifications above, candidates will

• Establish and prioritize potential risk mitigation / treatment strategies and continuously refine Ascension’s security posture improvement plan.
• Prioritize potential risk mitigation strategies and continually refine your security posture improvement plan by shifting from point-in-time vulnerability assessments to a repeatable security posture remediation and validation program
• Maintaining a dynamic and current security posture process using leveraged teams
• Integrate continuous threat exposure management (CTEM) with organizational-level
• Establish remediation and incident workflows to ensure that the required cross-team collaboration standards

Requirements :

A successful Information Security Director candidate will have the expertise and skills described :

Education, Training and Previous Experience

• Demonstrated experience and success in leadership roles in risk management, information security, and IT or OT security
• Degree in business administration or a technology-related field, or equivalent work- or education-related experience preferred

Technical and Business Experience

• Knowledge and understanding of relevant legal and regulatory requirements, such as : Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry / Data Security Standard.
• Knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
• Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
• Up-to-date knowledge of methodologies and trends in both business and IT

Knowledge and Skills

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
• Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization
• Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist
• Excellent stakeholder management skills
• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
• Project management skills : financial / budget management, scheduling and resource management
• A master of influencing entities and decisions in situations where no formal reporting structures exist, but achieving the desirable outcome is vital

Requirements

Education :

High School diploma equivalency with 5 years of applicable cumulative job specific experience required, with 2 of those years being in leadership / management OR Associate's degree / Bachelor's degree with 3 years of applicable cumulative job specific experience required, with 2 of those years being in leadership / management.

Additional Preferences

Additional Preferences :

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials
• Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment
• Experience with contract and vendor negotiations
• Poise and ability to act calmly and competently in high-pressure, high-stress situations
• High degree of initiative, dependability and ability to work with little supervision while being resilient to change
• High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
• Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
• A critical thinker, with strong problem-solving skills
• Strong problem-solving and trouble-shooting skills
• Self-motivated and possessing of a high sense of urgency and personal integrity
30+ days ago