Executive Director, Security Operations and Incident Response

GHX

💵 $136k-$197k
📍Remote - United States

Job highlights

Summary

Join Global Healthcare Exchange (GHX) as a Security Operations leader, leveraging your extensive Incident Response (IR) and Threat Intelligence expertise. You will lead a team of cybersecurity experts, develop and execute security operations strategies, and collaborate with cross-functional teams. This role requires strong operational knowledge of security tools and experience optimizing processes. You will engage with executive leadership and customers, lead projects, and mentor engineers. The ideal candidate possesses 10+ years of relevant security operations and threat intelligence experience, along with strong leadership skills. GHX offers a competitive salary and benefits package, including health insurance, retirement matching, paid time off, and education reimbursement.

Requirements

  • Strong understanding of security monitoring and incident response processes and concepts
  • Strong understanding of MITRE TTPs or similar
  • Familiarity with control frameworks such as HIPAA, HITRUST, FedRAMP, SOC1/SOC2, and PCI
  • Demonstrated past contributor to, and “plugged in” to, the threat intelligence community and various industry sources
  • Understand what it means to “think like a hacker” and take the attacker’s viewpoint
  • Familiarity with Dark Web and related concepts
  • Experience with operating security tools such as Intrusion Detection/Prevention Systems, Email Security, Data Security, Cloud Security, Network and Application Security
  • Familiar with scripting languages and ability to develop scripts to support logging, monitoring and detection
  • 10+ years of relevant security operations and threat intelligence experience
  • 10+ years of IT experience
  • 5+ years of leadership and leading teams

Responsibilities

  • Be a thought leader and industry expert for all functions under Security Operations
  • Develop and lead a team of cybersecurity experts to manage global Security Operations functions such as monitoring and detection, incident response, threat and vulnerability management, threat intelligence, digital forensics & investigations, threat hunting, and insider threat
  • Develop and execute on Security Operations strategy, and partner with Security Architecture and Engineering to deliver new or enhance existing security controls and analyze/maintain new or existing security applications/products including SIEM, vulnerability management tools, intrusion detection and prevention, data leakage protection, network security analysis, firewalls (network and application), and Cloud security controls
  • Proven experience developing SIEM and logging feeds architecture and creating processes that translate logs into actionable security events
  • Engage with executive level leaders, including board members and customers, to explain concepts, present roadshows for major initiatives and programs
  • Lead global security operations projects and act as the leader and mentor to Security Operations Engineers
  • Designing and implementing security processes to support security monitoring and incident response using best-in-class security engineering principles; experience with the MITRE ATT&CK Framework and its Tactics and Techniques
  • Strong experience with security metrics and measurements and process automation – understand how to measure monitoring/IR processes and how to improve them based on historical data
  • Partner with Security Engineers to identify and evaluate best in class security solutions and plan production deployments and help document runbooks accordingly
  • Lead or coordinate enterprise cybersecurity tabletop exercises across cross-function teams
  • Lead and develop processes to support a cybersecurity forensics and investigations program
  • Develop and own the Global IR plan and be familiar with IR processes and protocols including Attorney Client Privileged and industry laws, rules, regulations and control frameworks such as HIPAA, HITRUST, and FedRAMP

Preferred Qualifications

CISSP or equivalent

Benefits

  • Health, vision, and dental insurance
  • Accident and life insurance
  • 401k matching
  • Paid time off
  • Education reimbursement
