University of Miami - Miami, FL
posted 4 months ago
The University of Miami Health System, known as UHealth, is seeking a Manager for IT Security Incident Response. This pivotal role involves leading the organization's response to IT security incidents, ensuring that the response operations are efficient and effective. The IT Security Incident Response Manager will oversee monitoring and incident response activities, ensuring that all incidents are handled in accordance with established standards and policies. This position requires a proactive approach to reviewing and updating incident response standards, policies, and procedures to adapt to the evolving security landscape.
In this role, the manager will conduct thorough investigations, analyses, and evaluations to determine the feasibility of projects related to incident response. Documenting root cause analyses, security events, and incidents is a critical part of the job, as is the development and maintenance of the IT security incident response process, which includes all necessary supporting materials. The manager will also be responsible for developing functional requirements for roles involved in the Computer Security Incident Response Team (CSIRT) program.
Collaboration is key in this position; the manager will work closely with various business units, IT functions, and external providers to ensure that the incident response process is well understood and that responsibilities are clearly defined and accepted. Acting as a liaison between the security incident response team, enterprise IT services, and business units, the manager will initiate the IT security incident response process and execute decision authority as needed. Ensuring the execution of the incident response process until resolution is achieved is a primary responsibility, along with maintaining and protecting required incident records, such as investigator journals. Additionally, the manager will organize and participate in post-incident reviews, presenting findings to senior management.
The role requires a strong background in Unix/Linux systems, OS internals, or file-level forensics, as well as extensive experience in security incident management processes and tools. This position is not only about technical expertise but also about leadership, as the manager will need to lead, motivate, and direct a workgroup effectively.