Security Manager

Key ResponsibilitiesStrategically implement the security program by translating high-level plans into targeted initiatives and monitor projects through robust milestone, risk, and deliverable management. Lead collaborative working sessions and deliver articulate, insightful status briefings to stakeholders.Oversee enterprise risk management, partnering closely with Security Compliance to maintain an authoritative risk register. Facilitate risk remediation across systems and business units, while supporting audit procedures and expertly addressing partner and customer security assessments.Champion the institutionalization of security governance by orchestrating the deployment and integration of policies and standards. Ensure the creation and dissemination of practical operating procedures, proactively identify operational deficiencies, and advocate for progressive enhancements in security maturity.Direct sophisticated Identity and Access Management (IAM) operations, embracing end-to-end lifecycle processes (onboarding, transitions, separation), role-based access control, periodic entitlement reviews, and privileged access oversight. Collaborate with IT and business application owners for seamless MFA/SSO deployments and continuously optimize IAM for organizational agility.Advance protection of sensitive and regulated data—particularly PHI—through rigorous data classification, handling protocols, and comprehensive encryption standards. Drive enterprise-wide adoption of effective key management and fine-tune Data Loss Prevention (DLP) strategies in partnership with internal stakeholders.Coordinate security operations and incident management as the primary liaison to MDR/MSSP partners. Continually enhance incident response methodologies, escalation mechanisms, and contact lists, while orchestrating simulation exercises and post-incident analyses to reinforce organizational preparedness.Lead the rhythm of vulnerability and patch management by administering scan cycles, prioritization, and remediation in alignment with SLA commitments. Closely partner with technical teams to verify resolutions and communicate the risk landscape underlying remediation efforts.Strengthen third-party risk governance by collaborating with compliance, procurement, and legal teams throughout vendor evaluation, tiering, and diligence processes. Define and monitor security standards for external relationships, ensuring alignment with organizational obligations and best practices.Administer Business Continuity and Disaster Recovery (BC/DR) initiatives by maintaining structured testing calendars, scenario playbooks, and evidence collection protocols for mission-critical systems. Facilitate exercises and post-test remediation to bolster resilience and continuity of clinical and operational services.Enable a robust Secure Software Development Lifecycle (SSDLC) by championing minimum security checkpoints (e.g., SAST, DAST, dependency scanning), providing mentorship to development teams on secure architecture, and fostering security-driven innovation in support of strategic organizational goals.Steward security culture and talent development by coordinating immersive training programs, phishing simulations, and reporting key performance indicators to leadership. Mentor direct reports and junior team members, fostering a spirit of curiosity, initiative, and continual professional advancement.

Salary : $120,000 - $150,000