About Children’s Minnesota
Children’s Minnesota is one of the largest pediatric health systems in the United States and the only health system in Minnesota to provide care exclusively to children, from before birth through young adulthood. An independent and not-for-profit system since 1924, Children’s Minnesota is one system serving kids throughout the Upper Midwest at two free-standing hospitals, nine primary care clinics, multiple specialty clinics and seven rehabilitation sites. As The Kids Experts in our region, Children’s Minnesota is regularly ranked by U.S. News & World Report as a top children’s hospital. Find us on Facebook @childrensminnesota or on Twitter and Instagram @childrensmn. Please visit childrensMN.org.
Children’s Minnesota is proud to be recognized by Modern Healthcare as one of 2023’s Top Diversity Leaders. The national honor recognizes the top diverse healthcare executives and organizations influencing public policy, care delivery, and promoting diversity, equity and inclusion in their organizations and the industry.
Position Summary
The Information Security Director is a hands-on role responsible for providing leadership and guidance for the information security program in alignment with established and required security frameworks. Under the direction of the Chief Information Security Officer, the director will strategize and lead the design and implementation of core components of the information security program including logging, monitoring, detection, alerting, incident response, forensics, threat management, and awareness training. This individual will be forward-thinking regarding cybersecurity threats and countermeasures to ensure that the organization's data and systems are adequately protected. Furthermore, the director is responsible for standardizing and maturing information security processes and enforcing security policies while supporting day-to-day security activities.
License/Certification/Registration:
- CISSP, CRISC, CISM, CISA, CompTIA Security+, GIAC certifications or similar preferred, but not required.
Education:
- Bachelor's degree in information technology or computer science-related field.
- Master's degree is preferred, but not required.
Experience:
- 15+ years of information security related experience with progressive leadership responsibilities.
Knowledge/Skills/Abilities:
- Ability to work independently in a self-directed manner and collaboratively as a team leader or member.
- Leadership, management, and motivation of a direct team of information security subject matter experts.
- Excellent interpersonal, consultative, coaching, communication, and negotiation skills.
- Ability and experience in setting goals and priorities, and leading staff to accomplish defined objectives and deliver expected results.
- Ability to cultivate effective working relationships with cross-functional teams including IT, Privacy, Legal, HR, and Operations.
- Hands-on experience with multiple information security related frameworks, including NIST CSF, NIST 800-53, HITRUST, PCI-DSS, and HIPAA Security Rule.
- Experience developing policies, standards, procedures, and other security documentation and content.
- Experience and deep understanding of information technology and information security infrastructure.
- Strong knowledge and experience with both technical and non-technical security controls that protect data and systems, and ability to explain these controls in simple terms to all levels of audiences.
- Strategic thinker who is able to develop security architecture roadmaps and security solutions in collaboration with IT, while ensuring business objectives are met.
- Understanding of cybersecurity threats and vulnerabilities and ability to design solutions to counter cybersecurity risks.
- Experience leading SOC teams and developing and leading incident response programs.
- Experience managing various SOC tools and leveraging the same for incident response, investigations, and compliance needs.
- Experience engaging and working with MSSPs including MDR/XDR or outsourced SOCs.
All job offers are contingent upon successful completion of an occupational health assessment, drug screen, background investigation, and compliance with the U.S. Government Form I-9, Employment Eligibility Verification. Children’s Minnesota requires proof of COVID-19 vaccine, and as recommended by the Centers for Disease Control and Prevention (CDC), immunity to vaccine preventable infectious diseases, prior to employment.
Children’s Minnesota is proud to be an equal opportunity employer whose staff is representative of its community and considers qualified applicants for open positions without regard to race, color, creed, sex, religion, national origin, sexual orientation, genetic information, gender identity or expression, age, veteran status, disability, pregnancy, citizenship status, or any other characteristic protected under applicable federal, state, or local law.
#J-18808-Ljbffr