Information Security Senior Director Security Operations

Mass General Brigham

20h•Hybrid

About The Position

At Mass General Brigham (MGB) Digital, we pride ourselves on our ability to create maximum strategic, clinical, and operational value from established and emergent technologies for our patients, care teams, researchers, and employees. Digital health will not only enhance the equity and efficiency of healthcare delivery, but it will also help make medicine more personalized and precise. We recognize that increasing value and continually improving quality while maintaining an inclusive focus are essential to organizational excellence, and we invite you to join us on this journey. The work we do in Digital is a strategic imperative, and there is a strong and growing understanding of how together we will transform Mass General Brigham in innovative and impactful ways. Under the leadership of the MGB Chief Information Security Officer, this role is responsible for directing programs, technology, and operations around security event monitoring, incident response, threat intelligence, threat & vulnerability management, and application security across MGB.

Requirements

Bachelor's Degree Information Technology required or Bachelor's Degree Related Field of Study required
Cybersecurity leadership experience as typically gained by 7 years of experience in cybersecurity, with at least 5 years leading teams
Bachelor’s degree in Computer Science, Information Systems, or related field or equivalent experience
Experience with a broad range of cybersecurity tools and technologies
MGB can consider and review experience in lieu of a degree for this role
Exceptional analytical and problem-solving skills, with a proven track record of continuous improvement
Proven experience building highly-capable teams, including a record of strategic hiring, retention, and staff development
Strong knowledge of relevant cybersecurity frameworks
Leadership and People-Focused Leadership
Performance Focused: Customer/Patient Focus: Building strong customer/patient relationships and delivering customer/patient centric solutions
Manage Complexity: Make sense of complex, high quality, and sometimes contradictory information to effectively solve problems
Cultivate Innovation: Create new and better ways for the organization to be successful
Ensure Accountability: Holding self and others accountable to meet commitments
Learning Agility: Actively learn through experimentation when tackling new problems, using both successes and failures as a learning folder
People Focused: Drive Equity and Inclusion: Recognizes the value that different perspectives and cultures bring to an organization
Build Effective Teams: Build cohesive teams that apply their diverse skills and perspective to achieve common goals
Collaborate: Build partnerships and work collaboratively with others to meet shared objectives
Communicate Effectively: Develop and deliver multi-mode communications that convey a clear understanding of the unique needs of different audiences including senior system and hospital administrators, physician leadership, technician staff, and other personnel across different institutions
Instill Trust: Gain the confidence and trust of others through honesty, integrity, and authenticity
Superior analytic and reasoning skills
Exceptional communication skills, especially in high-pressure environments
Ability to lead team members across multiple institutions, departments, and technical operations staffs
Excellent ability to translate strategic initiatives into a tactical approach, and execute the steps within the approach

Responsibilities

Lead and manage 8-10 direct reports, including both individual contributors and management
Responsible for significant portion of overall Information Security budget
Working with the CISO, set strategic direction for Cybersecurity Operations team, ensure staffing levels meet operational needs, and promote a culture where employee wellness and professional development are prioritized
Direct the development and implementation of strategies and technologies for continuous monitoring and detection of cybersecurity threats and vulnerabilities across MGB.
Oversee the threat and vulnerability management program, including regular assessments, penetration testing, and remediation efforts.
Direct engineering efforts across the toolset supporting Cybersecurity Operations, ensuring the proper implementation and maintenance of security tools and technologies such as Endpoint Detection & Response, SIEM, Network Monitoring, and others
Direct the creation and operationalization of processes for threat & vulnerability remediation and incident response efforts
Collaborate with cross-functional teams to identify and mitigate risks and vulnerabilities in both on-premises and cloud environments.
Monitor and report on the effectiveness of cybersecurity controls via data-driven measurements, ensuring compliance with relevant laws, regulations, and industry standards.
Actively participate in Information Security team leadership
Represent the broader Information Security program to select internal and external stakeholder groups
Other duties as assigned