University of Miami - Miami, FL

posted 4 months ago

Full-time - Manager
Miami, FL
Educational Services

About the position

The University of Miami Health System, known as UHealth, is seeking a Manager for IT Security Incident Response. This pivotal role involves leading the organization's response to IT security incidents, ensuring that the response operations are efficient and effective. The IT Security Incident Response Manager will oversee monitoring and incident response activities, ensuring that all incidents are handled in accordance with established standards and policies. This position requires a proactive approach to reviewing and updating incident response standards, policies, and procedures to adapt to the evolving security landscape.

In this role, the manager will conduct thorough investigations, analyses, and evaluations to determine the feasibility of projects related to incident response. Documenting root cause analyses, security events, and incidents is a critical part of the job, as is the development and maintenance of the IT security incident response process, which includes all necessary supporting materials. The manager will also be responsible for developing functional requirements for roles involved in the Computer Security Incident Response Team (CSIRT) program.

Collaboration is key in this position; the manager will work closely with various business units, IT functions, and external providers to ensure that the incident response process is well understood and that responsibilities are clearly defined and accepted. Acting as a liaison between the security incident response team, enterprise IT services, and business units, the manager will initiate the IT security incident response process and execute decision authority as needed. Ensuring the execution of the incident response process until resolution is achieved is a primary responsibility, along with maintaining and protecting required incident records, such as investigator journals. Additionally, the manager will organize and participate in post-incident reviews, presenting findings to senior management.

The role requires a strong background in Unix/Linux systems, OS internals, or file-level forensics, as well as extensive experience in security incident management processes and tools. This position is not only about technical expertise but also about leadership, as the manager will need to lead, motivate, and direct a workgroup effectively.

Responsibilities

  • Lead the security incident response operations, monitoring, and incident response activities.
  • Review and update incident response standards, policies, and procedures.
  • Perform necessary investigation, analysis, and evaluation to determine project feasibility.
  • Document root cause analysis, security events, and incidents.
  • Develop and maintain the IT security incident response process, including all required supporting materials.
  • Develop functional requirements for roles involved in the CSIRT program.
  • Work with business units, IT functions, and external providers to ensure mutual understanding of the incident response process.
  • Act as a liaison between the security incident response team, enterprise IT services, and business units.
  • Initiate the IT security incident response process and execute decision authority within that process.
  • Ensure execution of the incident response process to the resolution of the incident.
  • Organize, participate in, and chair post-incident reviews for presentation to senior management.

Requirements

  • Bachelor's degree in Computer Science, Mathematics, Statistics, or a related field; a Master's degree is highly desirable.
  • Certified Information Systems Security Professional (CISSP) preferred.
  • Certified Information Security Manager (CISM) or equivalent preferred.
  • Cloud Computing Security Certification preferred.
  • GIAC Certified Incident Handler (GCIH) preferred.
  • 12+ years of Information Security experience or equivalent combination of education and work experience.
  • Prior experience in a 24x7x365 SOC operations environment.
  • 5+ years' experience in incident response or similar role in a medium or large organization; experience in Healthcare is a plus.
  • In-depth experience in security incident management processes and tools.
  • Prior people management/leadership experience with proven ability to lead, motivate, and direct a workgroup.
  • Ability to work in a high-pressure environment.
  • Strong project management, presentation, and communication skills.
  • Ability to maintain confidentiality.
  • Knowledge of business and management principles.
  • Knowledge of IT project management and change control principles.
  • Knowledge of and expertise with the MITRE ATT&CK framework.
  • Ability to direct, manage, implement, and evaluate department operations.
  • Ability to establish department goals and objectives that support the strategic plan.
  • Ability to effectively plan, delegate, and supervise the work of others.
  • Ability to lead, motivate, develop, and train others.

Nice-to-haves

  • Experience in Healthcare IT security incident response.
  • Familiarity with advanced security incident management tools and frameworks.

Benefits

  • Competitive salaries
  • Comprehensive benefits package including medical and dental insurance
  • Tuition remission
  • Paid time off
  • Retirement savings plan options