Director - Security Architecture & Engineering
Director – Security Operations, Architecture & Engineering
We are looking for a hands-on executive leader with extensive Security Operations, Architecture and Engineering experience to develop our security monitoring and incident response strategy and security solution strategy. The Security Operations and Security Architecture & Engineering programs includes (but not limited to): 24x7 Security Operations Center (SOC) - Global Security Monitoring, Cyber Incident Response, Threat Intelligence, Cyber Investigations and Forensics, Product Security, Threat and Vulnerability Management, Cloud Security, Identity and Access Management (IAM), Data Security and Data Loss Protection (DLP), Network and Infrastructure Security, Cloud Security, Email Security, and Mobile Security. The candidate must be an exceptional people leader who has developed and managed other leaders and teams in the past, as well as an excellent communicator with customers, stakeholders, executives and regulators. Strong operational knowledge of the security tool (and vendor) landscape and has a track record of optimizing and automating processes to achieve measurable efficiency and accuracy gains. This role is critical to the Global Information Security (GIS) program, and works directly alongside the leaders of Product, DevSecOps, Security, Cyber Risk Governance, Tech Infrastructure, Network teams.
- Develop Security Operations, Architecture & Engineering Strategy and manage the team to support program execution
- Lead the investigation and resolution of major cybersecurity incidents impacting the GHX business and our customers
- Be a thought leader and industry expert in the company for Cybersecurity Threats and Security Technology (architecture + engineering)
- Engage with executive level leaders and customers to create and present program overviews and roadshows for major initiatives and programs
- Lead global security engineering projects including creating strategy and directing execution through a team of Security Architects and Engineers
- Lead the Cloud Security program for GHX’s AWS and Azure cloud instances
- Design and implement security processes to support security architecture and engineering using best-in-class security engineering principles; experience with the MITRE standards is a plus
- Manage the team that operates security tool – running, maintaining, optimizing and configuring rules for various tools across IAM, DLP, mobile, and Cloud.
- Lead secure design and architecture review processes of GHX products for customers; strong understanding of threat modelinga
- Lead security tool/vendor evaluations and deployments
- Lead the enterprise cybersecurity tabletop exercises across cross-functional teams
- Lead the cybersecurity forensics and investigations strategy and execution
Knowledge and Skills
- Expert understanding of cyber security monitoring, detection, incident response and investigations
- Expert experience with security metrics and measurements and process automation – understand how to measure monitoring/IR processes and how to improve them based on historical data
- Strong understanding of security architecture and engineering concepts
- Strong understanding of MITRE TTPs or similar
- Demonstrated past contributor and “plugged-in” to the threat intelligence community and various industry sources
- Understand what it means to “think like a hacker” and take the attacker viewpoint
- Familiarity with Dark Web and related concepts
- Experience with operating security tools such as Intrusion Detection/Prevention Systems, Email Security, Data Security, Cloud Security, Network and Application Security
- 8+ years of relevant security operations and SOC experience
- 8+ years of relevant security architecture and engineering experience
- 10+ years of IT and leadership experience
- CISSP or equivalent
- Executive Presence with High EQ and Empathy for team members, peers, and customers
- Has led Security Operations and Threat Intelligence teams
- Has led Security Architecture and Engineering teams
- Strong communicator who can partner internationally with senior security and application team members
- Self starter, takes initiative with strong conviction
Estimated Salary range for this position: $154,000-$176,400
The base salary range represents the anticipated low and high end of the GHX’s salary range for this position. Actual salaries will vary and will be based on various factors, such as candidate’s qualifications, skills, competencies and proficiency for the role. The base salary is one component of GHX’s total compensation package for employees. Other rewards and benefits include: health, vision, and dental insurance, accident and life insurance, 401k matching, paid-time off, and education reimbursement, to name a few. To view more details of our benefits, visit us here: https://www.ghx.com/about/careers/
GHX: It's the way you do business in healthcare
Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.
GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.
It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe, Illinois, Florida, and Nebraska.
Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.
GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.