Job Summary
The IT Cyber Security Manager will lead a team of security analysts and will report directly to the Director of IT Security (Deputy CISO). This role is responsible for executing and overseeing day-to-day security operations, managing security technologies, policies, and processes, and driving projects to support the enterprise security posture and reduce corporate cyber security risk. This position will collaborate regularly with leadership, including the Deputy CISO and CISO, to ensure cybersecurity priorities align with overall IT strategies and business objectives. Key responsibilities include oversight of the enterprise information security policy, developing and documenting security protocols and procedures, cyber incident response handling, identifying security gaps creating risks, pushing forward compliance efforts, monitoring threats, and driving continuous security improvements.
Core Responsibilities for all jobs at this level.
Lead and oversee cybersecurity operations: Manage day-to-day security operations including incident response, monitoring and maintaining core security systems, and ensuring alignment with organizational cyber security policies and procedures. Develop and maintain governance and risk frameworks: Oversee enterprise cybersecurity policies, manage the risk register, evaluate cyber risks and potential solutions, and provide informed recommendations to leadership. Drive compliance and resilience efforts: Lead compliance initiatives for HIPAA, DFARS, PCI, and other applicable compliance needs, maintain disaster recovery programs, and prepare for and test organizational readiness in the event of a cyber-attack or another major security incident. Foster security awareness and team development: Enhance the organization's security awareness programs, prevent data loss to safeguard sensitive data, and mentor and motivate a team of security analysts to achieve operational excellence.Collaborate with the Project Management Office (PMO): Work closely with the PMO and other IT teams to organize and execute project tasks, ensuring cybersecurity milestones are achieved on time and within budget while aligning with broader organizational goals.Maintain security program capabilities and monitor cyber threats: Ensure robust coverage of deployed cyber solutions within the environment and continuously monitor and manage vulnerability posture, suspicious activities, potential cyber intrusions, and changes within the environment that may create risk exposure.Essential Functions and Responsibilities include the following.
Security Operations Management
Responsible for the oversight of core security systems, managed security providers, and associated security-related systems.Manage daily security operations, including threat detection, incident identification, and response.Serve as the primary incident manager for cybersecurity incidents, coordinating containment, remediation, and reporting efforts.Weigh business needs against security risks and make recommendations on the best options and approachPolicy and Governance
Oversee the enterprise information and cybersecurity policy and its execution, ensuring alignment with industry standards and regulatory requirements.Lead efforts in Security Governance, including process, policy, and program management.Interface with IT leadership as needed on projects, initiatives, and other requests. Regularly communicate with the Director IT Security (Deputy CISO) and CISO to align cybersecurity with organizational priorities.Compliance and Risk Management
Lead and maintain compliance and/or certification efforts for applicable compliance needs (e.g. HIPAA, PCI, DFARS/CMMC, etc.) for Information Security.Maintain and update the organization's risk register, continuously evaluating cyber risk and threat intelligence.Weigh business needs against security risks and make informed recommendations to organizational leadership.Disaster Recovery and Resilience
Maintain the Disaster Recovery program, plan, and recurring testing to ensure organizational preparedness.Awareness and PreventionDrive continuous improvement in the effectiveness of security awareness programs throughout the organization.Oversee efforts in data loss prevention and cyber fraud prevention, ensuring appropriate safeguards are in place.Maintain and publish program metrics for leadership and participate in prioritization efforts for improvement.Project Management
Manage security-related projects, including technology upgrades, process improvements, and risk mitigation initiatives.Collaborate with IT, business units, and external vendors to ensure project success.Ensure PMO documentation requirements are addressed in a timely fashion during all project phases.Other Duties as assigned.Additional job requirements:
Regularly scheduled attendanceIndicate the percentage of time spent traveling: <10%Subject to applicable laws and Air Method’s policies, regular attendance is an essential function of the position. All employees must follow Air Methods’ employment practices and policies.
Supervisory Responsibilities
Directly supervises employees in the IT information security department. Carries out Supervisory responsibilities in accordance with the organization’s policies and applicable laws. Responsibilities include interviewing, selecting, hiring, and training employees, planning, assigning and directing work; appraising performance, rewarding and disciplining employees, addressing complaints and resolving problems. For Exempt Managers: Managers that carry out these responsibilities for two or more employees will have significant input in hiring and termination decisions.
Qualifications
To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. In accordance with applicable laws, Air Methods will provide reasonable accommodations that do not create an undue burden so disabled employees may perform the essential functions of the position.
Education & Experience
Bachelor’s degree from four-year college or university; and five or more years’ related experience and/or training; or equivalent combination of education and experienceTwo or more years of management experience at the tactical operational level within IT SecurityExperience in executing cyber security programs based on the NIST, HIPAA, PCI, and similar frameworksSkills
Strong interpersonal skills and a high degree of collaboration at all levels.Demonstrates high critical thinking, reasoning skills, and problem-solving skillsExcellent organizational skills, detail oriented, ability to multi-task efficiently and meet deadlinesExcellent communication and presentation skills, both written and verbalAbility to exercise sound judgement and make decisions in a manner consistent with the essential job functions.Builds partnerships with related departments or functions to enhance efficiency and executionContributes to business sustained growth through leadership and functional expertiseInitiates, leads and evaluates implementation for functional programs and solutions across major business areasComputer Skills
Advanced Microsoft Office Suite, including Word, Excel, PowerPoint and OutlookAtlassian Jira for project task execution, resourcing, and tracking.High degree of proficiency with all levels of technology, data protection and security; including underpinning core network, system, development and application technologiesExperience with Cloud computing and commensurate security measures thereofCertificates, Licenses, Registrations
None required, but a benefit for the position includes: CISSP, CISM or GIAC, or similar industry-recognized credentials.Air Methods is an EEO/AA employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Options Apply for this job onlineApplySubmit a referral to this jobRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Application FAQs
Software Powered by iCIMS
www.icims.com