Find The RightJob.

Director IT Security Operations and Engineering

Overview:

At SCA Health, we believe health care is about people – the patients we serve, the physicians we support and the teammates who push us forward. Behind every successful facility, procedure or innovation is a team of 15,000+ professionals working together, learning from each other and living out the mission, vision and values that define our organization.

As part of Optum, SCA Health is redefining specialty care by developing more accessible, patient-centered practice solutions for a network of more than 370 ambulatory surgical centers, over 400 specialty physician practice clinics and numerous labs and surgical hospitals. Our work spans a broad spectrum of services, all designed to support physicians, health systems and employers in delivering efficient, value-based care to patients without compromising quality or autonomy.

What sets SCA Health apart isn’t just what we do, it’s how we do it. Each decision we make is rooted in seven core values:

Clinical quality
Integrity
Service excellence
Teamwork
Accountability
Continuous improvement
Inclusion

Our values aren’t empty words – they inform our attitudes, actions and culture. At SCA Health, your work directly impacts patients, physicians and communities. Here, you’ll find opportunities to build your career alongside a team that values your expertise, invests in your success, and shares a common mission to care for patients, serve physicians and improve health care in America.

At SCA Health, we offer a comprehensive benefits package to support your health, well-being, and financial future. Our offerings include medical, dental, and vision coverage, 401k plan with company match, paid time off, life and disability insurance, and more. Please visit, https://careers.sca.health/why-sca, to learn more about our benefits.

Your ideas should inspire change. If you join our team, they will.

Accountabilities / Responsibilities:

The Director, IT Security Operations & Engineering will provide enterprise-wide leadership and accountability for Security Operations across SCA, including security operations engineering, vulnerability operations, incident response coordination, operational security tooling, and the governance required to improve security outcomes across clinical, corporate, and remote environments.

Primary position responsibilities:

Provide enterprise-wide leadership and accountability for Security Operations, including strategy, operating model, governance, and measurable outcomes.
Lead Security Operations Engineering, vulnerability management operations, incident response coordination, and operational security tooling across the enterprise.
Establish annual and long-range security operations goals, strategies, metrics, reporting mechanisms, service expectations, and maturity roadmaps for continual improvement.
Define and standardize security operations processes, controls, and lifecycle management for logging, monitoring, endpoint, infrastructure, and related security services.
Direct enterprise vulnerability management strategy, prioritization, and remediation governance in partnership with infrastructure, application, and operations teams.
Oversee incident readiness, escalation, coordination, and recovery activities, including leadership of cross-functional response efforts and alignment with external security service partners.
Partner with IT, business, clinical leadership, and affiliated security teams to align operational security priorities, service levels, and remediation outcomes.
Assess the effectiveness of security controls and operational practices, communicate risks and performance trends, and recommend corrective actions where needed.
Drive standardization and optimization of security operations tooling, ensuring solutions are scalable, sustainable, and aligned to business and regulatory requirements.
Develop and maintain policies, procedures, standards, and guidelines that support operational security, incident management, and vulnerability response.
Provide executive-level communication and reporting on security operations risks, service performance, remediation progress, and maturity improvements.
Support audit, regulatory, and compliance readiness as it relates to operational security controls and evidence of effective risk treatment.
Coach and lead managers and cross-functional teams to ensure clear accountability, consistent prioritization, and effective execution of security operations initiatives.

Secondary position responsibilities:

Manage day-to-day support operations.
Adhering to company values at all times.
Performing other related duties as assigned.

This position is primarily responsible for, or having knowledge of:

Common Information Security management/compliance frameworks, such as SOX, PCI, HIPAA, ISO 17799/27001, and NIST frameworks.
Assessing and/or managing assessment of compliance and security gaps, providing remediation recommendations based on cost and other pertinent factors.
Leading cross functional Security Incident Response Team in the resolution of security related incidents.
Security-related systems and applications, especially mainstream OS’s (e.g. Microsoft Windows and Linux), network security appliances, identity, and access management (IAM) systems, anti-malware solutions, automated policy compliance and desktop security tools.
Network infrastructure, including routers, switches, firewalls and associated network protocols and concepts.
Strong verbal and written communication skills
Facilitating cross-functional teams
Translating business requirements into control objectives
Information risk concepts and principles, as a means of relating business needs to security controls.
Firewalls, SIEM, DLP, VPN, DMZ, IAM, MFA, Intrusion Detection/Prevention, Encryption, Anti-Malware, MDM, MAM, asset management, VMS and other IT Security solutions is highly preferred.
Maintaining SOX controls and compliance audits

Qualifications:

Minimum Qualifications

Education and experience equivalent to:

Bachelor's degree in information technology, cybersecurity, or related field; supplemented with seven (7) or more years of progressive information security experience, including leadership responsibility for security operations, incident response, vulnerability management, or related operational security functions.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or similar certification preferred.

Other Qualifications

Proactive, decisive, action-oriented individual
Strong written and verbal communication skills, including with Executive audiences
Excellent interpersonal, leadership, collaboration, facilitation, and negotiation skills
Able to clearly explain technical issues in a way that nontechnical people can understand
Ability to be broadly focused and manage multiple efforts concurrently
Ability to work effectively with all levels of the organization, including staff, business stakeholders, and all levels of management

Min: USD $160,000.00/Yr. Max: USD $185,000.00/Yr.

Similar jobs

No similar jobs found

Term of use Privacy policy