Information Security Manager (Disaster Recovery)

Roanoke, VA, US, 24016

Employment Status:  Full time
Shift:  Day
Facility:  Technology Services Group
Requisition Number:  108900

Job Summary

The Information Security Manager-Disaster Recovery will be responsible for translating strategic intent into an operational security program, coordinating across a team of highly skilled multi-disciplinary security professionals. The role will also include oversight of general managed services teams (e.g., security monitoring and incident response). This role will be responsible for helping to resolve key cyber-risk issues and escalating as appropriate across different business lines within the organization. In this position, it is critical that you inspire trust, and build strong, authentic, productive relationships within the organization and with key stakeholders. As a leader in the Information Security space, your responsibility is to manage daily operations, organize daily risk and security reports, coordinate compliance review activities and identity operational improvements.

Rotating shifts, including after hours on-call, and working weekends or irregular long hours as well as occasional overnight travel.

Duties and Responsibilities may include but not limited: 

  • Design, implement, and operate cybersecurity processes and technologies across the organization
  • Manage reporting, investigation, and resolution of data security incidents
  • Lead information security risk analyses and assessments and use these to communicate current risk posture to leadership in an unambiguous manner
  • Provide guidance and direction on best practices for the protection of information.
  • Ensure compliance with regulations and privacy laws.
  • Develop and implement information security policies, standards, guidelines, and procedures to ensure optimal management of Information Security risk.
  • Mature security processes to ensure our systems are monitored for security alerts, anomalies are tracked, and procedures followed when alerts are triggered.
  • Create internal partnerships with key stakeholders, such as Audit, Finance, HR, Legal, and Marketing Teams to influence and align business-area actions that are needed to achieve security program objectives.
  • Build and mentor a strong Information Security team that may include consultants and vendors.
  • Provide key performance and risk indicators for the CISO, Technology Services, and the board of directors.
  • Adheres to departmental policies and procedures to assure prompt resolution to identified problems.
  • Focus on Identity and Access Management and Disaster Recovery functions.
  • Develop and implement business plans, policies, and procedures to maintain systems, network, database and/or Web security.
  • Oversee the development, implementation, and maintenance of information security, including access management, vulnerability assessments, penetration testing, infrastructure, and regulatory compliance.

Minimum Qualifications


Education: Bachelor’s Degree in a related field or equivalent work experience.

Experience: Minimum Seven years of progressively responsible experience in cyber security. Three years dedicated to building and leading an effective security program. Assisted in designing, managing, and delivering large-scale, enterprise-wide security projects. Experience with project and program management in technical environments with diverse stakeholder groups. Experience and background with on-premise and cloud technology, operating systems, and applications, preferably including clinical and healthcare solutions. Experience conducting information security risk assessment, control analysis, and vulnerability assessments. Demonstrated experience building and mentoring a strong Information Security team that may include consultants and vendors. Ability and skill to operate and produce at all levels of the program. (You have not forgotten how to work on the command line.)

Licensure, certification, and/or registration: Valid Virginia drivers' license and dependable transportation. Certifications such as CISSP, CISA, CISM are preferred.

Other Minimum Qualifications: Excellent verbal and written communication skills with the ability to influence the actions of internal stakeholders and manage relationships with external stakeholders. Experience managing a team of people Strong problem solving and troubleshooting skills with the ability to exercise mature judgment Proven execution capabilities. Willingness to creatively ensure mission success.

About Carilion


This is Carilion Clinic ...

An organization where innovation happens, collaboration is expected and ideas are valued. A not-for-profit, mission-driven health system built on progress and partnerships. A courageous team that is always learning, never discouraged and forever curious.

Headquartered in Roanoke, Va., you will find a robust system of award winning hospitals, Level 1 and 3 trauma centers, Level 3 NICU, Institute of Orthopedics and Neurosciences, multi-specialty physician practices, and The Virginia Tech Carilion School of Medicine and Research Institute.

Carilion is where you can make your own path, make new discoveries and, most importantly, make a difference. Here, in a place where the air is clean, people are kind and life is good. Make your tomorrow with us.

 


Requisition Number: 108900 
Employment Status: Full time 
Location: Technology Services Group 
Shift: Day 
Shift Details: Monday-Friday 8:00am-5:00pm with on call as needed
Recruiter: MARK A MISKOVIC 
Recruiter Phone:  
Recruiter Email: mamiskovic@carilionclinic.org
For more information, contact the HR Service Center at 1-800-599-2537.

Equal Opportunity Employer

Minorities/Females/Protected Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity

Carilion Clinic is a drug-free workplace.

 

Carilion Total Rewards

What matters to you is important to us—like benefits, rewards, and resources to improve your life. Carilion understands the importance of prioritizing your well-being to help you develop and thrive. When you make your tomorrow with us, we’ll enhance your potential to realize the best in yourself. Below are benefits available to you when you join Carilion:

  • Employer Funded Pension Plan, vested after five years (Voluntary 403B)
  • Comprehensive Medical, Dental, & Vision Benefits
  • Flexible Work Arrangements/Schedules
  • Remote Work Options
  • Paid Time Off (accrued from day one)
  • Onsite fitness studios and discounts to our Carilion Wellness centers
  • Access to our health and wellness app, Virgin Pulse
  • Discounts on childcare
  • Continued education and training

Find more about Carilion Clinic’s benefits by vising our Total Rewards Page.


Equal Opportunity Employer
Minorities/Females/Protected Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity
Carilion Clinic is a drug-free workplace.


Nearest Major Market: Roanoke

Job Segment: Information Security, Cyber Security, Information Technology, IT Manager, Technology, Security