Director, Cyber and Information Security- Operational Resiliency

3 days ago

Canton, United States Point32Health Full time

Job Summary

The focus area for this Director will be leading the organization's ability to effectively respond to and recover from events that result in interruption of Point32Health's business operations. In this role, the Director Cyber & Information Security will be focused on leading a team responsible for:

• Developing and implementing a strategy and practices that will ensure that the organization is prepared for events that may result in extended interruption of technology systems, applications, or business operations.
• Setting requirements and providing education to business and technology stakeholders about their roles in supporting the organization's business continuity, disaster recovery, and incident/crisis management disciplines.
• Development, maintenance, and adoption of a single incident/crisis management framework across the organization - all hazard/threat types.
• Ensuring that the organization's business continuity and disaster recover procedures/playbooks remain up-to-date
• Leading tabletop and simulation exercises to help ensure preparedness and to proactively identify and address opportunities for improvement.
• Anticipate the impact of core systems, applications, facilities, and vendor relationships being unavailable and implement plans that will reduce the impact of those events.

The Director, Cyber & Information Security, will report into the Chief Information Security Officer (CISO) for Point32Health. The Director leads Cyber & Information Security managers and/or security leaders to oversee and help to ensure that core programs are effectively implemented. This role is integral in driving the organization’s Cyber & Information Security strategy and objectives. The Director, Cyber & Information Security is considered a leader within the IT Department and is expected to work collaboratively to identify, influence, and enhance areas of improvement across the organization.

 

Key Responsibilities/Duties – what you will be doing

  • Manage a team of managers/senior leaders responsible for overseeing the core pillars of Cyber & Information Security
  • Develop and implement policies, standards, and guidelines that continuously increase the organization’s Cyber & Information Security program maturity
  • Communicate potential security concerns/exposures with recommended improvements
  • Lead communication and collaboration efforts with the business and IT to ensure quality solutions are delivered
  • Evangelize the objective to embed security behaviors and principles into the Point32Health culture through active engagement, education, awareness, and partnership
  • Develop operational excellence in anticipation and response to evolving threats and opportunities to improve cyber and information security
  • Identify business risk and communicate risk to appropriate leadership
  • Collaborate with stakeholders to define and implement technical and non-technical controls designed to cyber risk objectives and legal / regulatory obligations.
  • Maintain the risk repository to continually identity, prioritize, and mitigate cyber and information security related risk issues
  • Participate in various forums and groups across Point32Health to understand the risk environment and to provide recommends that effectively incorporate security objectives while balancing the business impact of recommendations provided
  • Facilitate adoption of leading security practices to remain in compliance with regulations and to support our continuous monitoring and improvement goals
  • Maintain up-to-date knowledge of the cyber and information security industry, including awareness of new or revised security capabilities, improved security processes, threat scenarios, trends, etc.
  • Identify/recommend tools, processes, software, and protocols to advance or replace current security practices, services, or technologies to meet strategic objectives.
  • Other duties and projects as assigned.

 

Qualifications – what you need to perform the job

EDUCATION, CERTIFICATION AND LICENSURE:

  • Bachelor’s degree in Cyber Security, Computer Science, Risk Management, or related field preferred or equivalent experience


EXPERIENCE (minimum years required):

  • 10+ years combined IT, cyber/information security, risk, audit, compliance, with increasing responsibility
  • 5+ years in cybersecurity or field(s) related to the programs for which the role is responsible for
  • 5+ years in a leadership role, preferably with at least 2 of those years overseeing other managers
  • Experience in leading or sponsoring implementation of technical security solutions within large organizations
  • Experience developing and implementing process-based security controls, processes, and capabilities
  • Experience in engaging with and managing vendors responsible for implementing processes and/or IT solutions
  • Experience creating and maintaining security requirements, guidelines, and procedure documents
  • Extensive knowledge and experience in security and compliance frameworks such as NIST, ISO, etc

 

SKILL REQUIREMENTS:

  • Ability to lead a team, including managers, through mentoring, coaching, and motivating - providing an opportunity to learn and grow at Point32Health
  • Requires the ability to identify risk within complex, interrelated programs; ability to assess dynamic situations objectively; and to make recommendations or decisions that best align with the corporate strategic objectives
  • Ability to communicate effectively across multiple levels of the organization including managing through cross-business area or business unit prioritization discussions
  • Strong relationship building skills; Must be able to work collaboratively and cooperatively as a team member, fostering an atmosphere of trust and respect
  • Ability to influence all levels of staff and senior management in the decision-making process
  • Deep understanding of IT infrastructure, program portfolio management, application design, and secure software development lifecycle (SDLC) methodologies

 

Commitment to Diversity, Equity & Inclusion

Point32Health is committed to making diversity, equity, and inclusion part of everything we do—from product design to the workforce driving that innovation. Our DEI strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Who We Are

Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

We enjoy the important work we do every day in service to our members, partners, colleagues and communities.

Scam alert: Point32Health has recently become aware of job posting scams where unauthorized individuals posing as Point32Health recruiters have placed job advertisements and reached out to potential candidates. These advertisements or individuals may ask the applicant to make a payment. Point32Health would never ask an applicant to make a payment related to a job application or job offer, or to pay for workplace equipment. If you have any concerns about the legitimacy of a job posting or recruiting contact, you may contact TA_operations@point32health.org

This job has been posted by Ignyte AI on behalf of Point32Health. Ignyte AI is committed to the fundamental principle of equal opportunity and equal treatment for every prospective and current employee. It is the policy of Ignyte AI not to discriminate based on race, color, national or ethnic origin, ancestry, age, religion, creed, disability, sex and gender, sexual orientation, gender identity and/or expression, military or veteran status, or any other characteristic protected under applicable federal, state or local law.

Req ID: R8365

  • Director, Cyber and Information Security- Operational Resiliency

    4 days ago

    Canton, United States Ignyte AI Full time

    Job DescriptionJob DescriptionJob SummaryThe focus area for this Director will be leading the organization's ability to effectively respond to and recover from events that result in interruption of Point32Health's business operations. In this role, the Director Cyber & Information Security will be focused on leading a team responsible...

  • Director of Cyber and Information Security

    6 days ago

    Canton, Massachusetts, United States Point32Health Full time

    About Our CompanyPoint32Health is a leading health and wellbeing organization, dedicated to delivering high-quality, personalized healthcare experiences to our communities. We're a nonprofit company that combines the strengths of Tufts Health Plan and Harvard Pilgrim Health Care, bringing together over 50 years of experience and expertise in the healthcare...

  • Director, Risk Management

    3 days ago

    Canton, MA, United States Point32Health Full time

    The focus area for this Director will be leading the organization's ability to effectively respond to and recover from events that result in interruption of Point32Health's business operations. In this role, the Director Cyber & Information Security will be focused on leading a team responsible for: • Developing and implementing a strategy and practices...

  • Director, Cyber and Information Security- Governance, Risk and Compliance

    2 days ago

    Canton, United States Point32Health, Inc. Full time

    Who We ArePoint32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and...

  • Director, Cyber and Information Security- Governance, Risk and Compliance

    1 week ago

    Canton, MA, United States Point32Health Full time

    Who We ArePoint32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and...

  • Director, Cyber and Information Security- Governance, Risk and Compliance

    1 week ago

    Canton, United States Point32Health Full time

    Who We Are Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and...

  • Information Security Leader

    7 days ago

    Canton, Massachusetts, United States Point32Health Full time

    About Our TeamAt Point32Health, we're passionate about making a difference in the lives of our members and employees. We're committed to fostering a culture of innovation, collaboration, and mutual respect. If you share our values and are driven to deliver exceptional results, we encourage you to apply for this exciting opportunity to join our team as a...

  • Digital Forensics and Cyber Intelligence Analyst

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    Surefire Cyber Inc. is looking for a talented Digital Forensics and Cyber Intelligence Analyst to help us stay ahead of emerging threats. If you have a passion for digital forensics and a knack for analyzing complex data, we want to hear from you.About the Role:Develop and implement incident response plans to mitigate cyber threats.Analyze malware and...

  • Lead Information Security Analyst

    5 days ago

    Canton, United States Point32Health Full time

    Job Summary The Lead Information Security Analyst collaborates with technology teams and business leaders to ensure that cyber and information security solutions meet both technical and strategic business requirements. This role is pivotal in bridging the gaps between security best practices, the evolving technical landscape, regulatory mandates, and...

  • Lead Information Security Analyst

    1 week ago

    Canton, United States Point32Health Full time

    Job SummaryThe Lead Information Security Analyst collaborates with technology teams and business leaders to ensure that cyber and information security solutions meet both technical and strategic business requirements. This role is pivotal in bridging the gaps between security best practices, the evolving technical landscape, regulatory mandates, and business...

  • Digital Forensic Cybersecurity Professional

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    Surefire Cyber Inc. is seeking a highly skilled Digital Forensic Consultant to join our team.Key Responsibilities:* Support the incident response process from detection and containment through forensic investigation and remediation* Perform in-depth forensic analysis, implement incident response procedures, and analyze malware threats* Identify attack...

  • Sr Information Security Analyst

    3 days ago

    Canton, United States Point32Health Full time

    Job SummaryThis position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. In this role you will be expected to implement, monitor, assess and report on IT security, under guidance of senior...

  • Sr Information Security Analyst

    3 days ago

    Canton, United States Point32Health Full time

    Job SummaryThis position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. In this role you will be expected to implement, monitor, assess and report on IT security, under guidance of senior...

  • Digital Forensic Incident Response Specialist

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    At Surefire Cyber Inc., we are seeking a highly skilled Digital Forensic Incident Response Specialist to join our team. The ideal candidate will have a strong background in digital forensics, cyber intelligence, and malware analysis.Key Responsibilities:Support the response process from detection and containment through forensic investigation and...

  • Cybersecurity Threat Investigator

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    **About Surefire Cyber Inc.**Surefire Cyber Inc. is a reputable organization seeking a highly skilled Consultant, Digital Forensic and Incident Response (DFIR). The ideal candidate will possess expertise in forensic analysis, incident response procedures, and malware analysis.**Key Responsibilities**Support the response process from detection and containment...

  • Information Protection Expert

    1 day ago

    Canton, Massachusetts, United States Ignyte AI Full time

    Job RequirementsTo succeed in this role, you will need to possess a unique blend of technical expertise and business acumen. You should have a strong understanding of cybersecurity concepts, as well as excellent communication and collaboration skills.Key Responsibilities:Design and implement security controls to protect against cyber threats.Develop and...

  • Digital Forensic Analyst Specialist

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    **Job Description Overview**Surefire Cyber Inc. is looking for an experienced Consultant, Digital Forensic and Incident Response (DFIR) to support our response process. This includes detection and containment through forensic investigation and remediation.**Responsibilities Include:**Forensic analysis and implementation of incident response proceduresMalware...

  • Incident Response and Malware Expert

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    **Job Summary**Surefire Cyber Inc. seeks a seasoned Consultant, Digital Forensic and Incident Response (DFIR) professional to drive our response efforts forward. As a key member of our team, you will be responsible for supporting our response process and contributing to incident response procedures.**Essential Responsibilities:**Conduct forensic analysis and...

  • Digital Forensic Incident Response Specialist

    6 days ago

    Canton, United States Surefire Cyber Inc. Full time

    At Surefire Cyber Inc., we're seeking a skilled Digital Forensic Consultant to join our team. This critical role involves leading the response process from detection and containment through forensic investigation and remediation.Key Responsibilities:• Support the incident response process, focusing on forensic analysis, implementing procedures, and...

  • Sr Information Security Analyst

    2 days ago

    Canton, MA, United States Point32Health Full time

    Job Summary This position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. In this role you will be expected to implement, monitor, assess and report on IT security, under guidance of senior...