Universal Health Services - Tredyffrin Township, PA
posted about 2 months ago
Full-time - Manager
Tredyffrin Township, PA
Hospitals
About the position
The Manager - IS Cybersecurity Vulnerability Management at Universal Health Services, Inc. is responsible for overseeing and managing the organization's vulnerability management, application security, and external attack surface programs. This role involves providing leadership, implementing effective remediation strategies, and collaborating with IT, Security, and Application teams to reduce risk exposure. The manager will also ensure adherence to information security policies and standards while fostering a culture of excellence and innovation within the team.
Responsibilities
- Oversee and manage UHS vulnerability management, application security, and external attack surface programs.
- Provide leadership and mentoring to the team, fostering a culture of excellence, innovation, and collaboration.
- Direct triage and response to critical vulnerabilities and oversee the strategic direction of the program.
- Manage the implementation and ongoing support of corporate owned information security applications and security controls.
- Conduct ongoing vulnerability assessments, penetration tests, and application and network security scans.
- Drive remediation of vulnerabilities and assist system owners with prioritization and guidance on remediation actions.
- Communicate vulnerability results to technical and non-technical business units based on risk tolerance and threat to the business.
- Supervise, evaluate performance, and direct team members.
- Coordinate work assignments to meet deadlines and ensure progress toward completion.
- Work closely with CISO leadership on strategic direction and continuous improvement of the function.
- Identify current and emerging threats to systems and manage them as necessary.
- Maintain operational and technical documentation related to supported solutions.
- Report metrics and scorecards to measure the effectiveness of the vulnerability management program.
Requirements
- Bachelor's degree in Information Systems Security and Risk Management, Computer Science, or related field required.
- 5+ years of information security experience, including knowledge of general security concepts such as defense in-depth and risk-based security management.
- 3+ years' experience with vulnerability assessment and reporting, including understanding of vulnerability management methodologies and procedures.
- Proven experience leading vulnerability management teams with knowledge of security concepts and strategies.
- Hands-on experience with vulnerability management tools and assessing vulnerabilities across various operating systems, databases, and application servers.
- Ability to conduct penetration testing, application and network scanning, and source code analysis.
- Understanding of network protocols, firewalls, intrusion detection systems (IDS), and other network security technologies.
- Knowledge of regulatory requirements such as HIPAA and PCI DSS.
- Currently holds one or more specialized Security Certifications.
Nice-to-haves
- Healthcare industry experience preferred.
- Strong process and technology analysis skills.
- Ability to collaborate with individuals at all organizational levels.
Benefits
- 401(k) matching
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance
