Information Security Manager (Disaster Recovery) (Roanoke, VA, US, 24016)
Company: Carilion Clinic
Posted on: May 28, 2023
Job Summary The Information Security Manager-Disaster Recovery
will be responsible for translating strategic intent into an
operational security program, coordinating across a team of highly
skilled multi-disciplinary security professionals. The role will
also include oversight of general managed services teams (e.g.,
security monitoring and incident response). This role will be
responsible for helping to resolve key cyber-risk issues and
escalating as appropriate across different business lines within
the organization. In this position, it is critical that you inspire
trust, and build strong, authentic, productive relationships within
the organization and with key stakeholders. As a leader in the
Information Security space, your responsibility is to manage daily
operations, organize daily risk and security reports, coordinate
compliance review activities and identity operational improvements.
Rotating shifts, including after hours on-call, and working
weekends or irregular long hours as well as occasional overnight
travel. Duties and Responsibilities may include but not limited:
- Design, implement, and operate cybersecurity processes and
technologies across the organization
- Manage reporting, investigation, and resolution of data
- Lead information security risk analyses and assessments and use
these to communicate current risk posture to leadership in an
- Provide guidance and direction on best practices for the
protection of information.
- Ensure compliance with regulations and privacy laws.
- Develop and implement information security policies, standards,
guidelines, and procedures to ensure optimal management of
Information Security risk.
- Mature security processes to ensure our systems are monitored
for security alerts, anomalies are tracked, and procedures followed
when alerts are triggered.
- Create internal partnerships with key stakeholders, such as
Audit, Finance, HR, Legal, and Marketing Teams to influence and
align business-area actions that are needed to achieve security
- Build and mentor a strong Information Security team that may
include consultants and vendors.
- Provide key performance and risk indicators for the CISO,
Technology Services, and the board of directors.
- Adheres to departmental policies and procedures to assure
prompt resolution to identified problems.
- Focus on Identity and Access Management and Disaster Recovery
- Develop and implement business plans, policies, and procedures
to maintain systems, network, database and/or Web security.
- Oversee the development, implementation, and maintenance of
information security, including access management, vulnerability
assessments, penetration testing, infrastructure, and regulatory
compliance. Minimum Qualifications Education: Bachelor's Degree in
a related field or equivalent work experience. Experience: Minimum
Seven years of progressively responsible experience in cyber
security. Three years dedicated to building and leading an
effective security program. Assisted in designing, managing, and
delivering large-scale, enterprise-wide security projects.
Experience with project and program management in technical
environments with diverse stakeholder groups. Experience and
background with on-premise and cloud technology, operating systems,
and applications, preferably including clinical and healthcare
solutions. Experience conducting information security risk
assessment, control analysis, and vulnerability assessments.
Demonstrated experience building and mentoring a strong Information
Security team that may include consultants and vendors. Ability and
skill to operate and produce at all levels of the program. (You
have not forgotten how to work on the command line.) Licensure,
certification, and/or registration: Valid Virginia drivers' license
and dependable transportation. Certifications such as CISSP, CISA,
CISM are preferred. Other Minimum Qualifications: Excellent verbal
and written communication skills with the ability to influence the
actions of internal stakeholders and manage relationships with
external stakeholders. Experience managing a team of people Strong
problem solving and troubleshooting skills with the ability to
exercise mature judgment Proven execution capabilities. Willingness
to creatively ensure mission success. About Carilion This is
Carilion Clinic ... An organization where innovation happens,
collaboration is expected and ideas are valued. A not-for-profit,
mission-driven health system built on progress and partnerships. A
courageous team that is always learning, never discouraged and
forever curious. Headquartered in Roanoke, Va., you will find a
robust system of award winning hospitals, Level 1 and 3 trauma
centers, Level 3 NICU, Institute of Orthopedics and Neurosciences,
multi-specialty physician practices, and The Virginia Tech Carilion
School of Medicine and Research Institute. Carilion is where you
can make your own path, make new discoveries and, most importantly,
make a difference. Here, in a place where the air is clean, people
are kind and life is good. Make your tomorrow with us. Requisition
Number: 108900 - Employment Status: Full time - Location:
Technology Services Group - Shift: Day - Shift Details:
Monday-Friday 8:00am-5:00pm with on call as needed Recruiter: MARK
A MISKOVIC - Recruiter Phone: - Recruiter Email:
email@example.com For more information, contact the HR
Service Center at 1-800-599-2537. Equal Opportunity Employer
Minorities/Females/Protected Veterans/Individuals with
Disabilities/Sexual Orientation/Gender Identity Carilion Clinic is
a drug-free workplace.
Keywords: Carilion Clinic, Roanoke , Information Security Manager (Disaster Recovery) (Roanoke, VA, US, 24016), Executive , Roanoke, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...