Apply on Employer Site

HMSA · 3 hours ago

Senior Manager, Cyber Security Operations

Honolulu, HI

Full-time

Hybrid

Mid, Senior Level

$86K/yr - $180K/yr

5+ years exp

HMSA is seeking a Senior Manager for Cyber Security Operations to lead their Cyber Security operations function. This role involves managing a team of Cyber Security specialists, overseeing security operations, and ensuring compliance with regulations while fostering a culture of security awareness within the organization.

AssociationHealth CareInsuranceMedical

Responsibilities

Lead and mentor a team of security analysts and engineers

Foster a culture of security awareness and continuous improvement within the team

Conduct performance evaluations and provide ongoing feedback and development opportunities

Oversee the Security Operations Center (SOC) and ensure effective monitoring, detection, and response to security incidents

Develop and refine incident response procedures and playbooks

Manage and optimize security tools and technologies

Conduct regular risk and vulnerability assessments to identify and mitigate potential threats

Ensure compliance with relevant regulations (e.g., NIST CSF, HIPAA, SOC 2) and industry standards

Collaborate with internal auditors and external partners during compliance audits

Create roadmaps in support of CISO strategy; communicate and execute this roadmap

Work effectively with other IT areas and the business ensuring IT Security Operational activities are in place in accordance with best practice and NIST

Create and update IT Security operation related policies and procedures leveraging industry best practices and Enterprise NIST CSF

Support Enterprise IT Audits; Collaborate with IT and Internal Audit on all Cyber Security Risk-related activities

Effectively leverage HMSA Cyber Security vendors to align with HMSA's Cyber Security Operation needs

Develop KPI's and SLA's, communicate and report on these metrics

Develop and implement the IT security operations strategy aligned with the organization's overall security framework

Stay abreast of the latest security trends, threats, and technologies, and recommend necessary adjustments to security policies and practices

Work closely with IT, legal, and business units to ensure a unified approach to security

Prepare and present security reports to senior management and stakeholders, highlighting key metrics and areas for improvement

Lead investigations into security breaches and coordinate response efforts

Analyze security incidents to identify root causes and implement corrective actions

Provide leadership, manage, and coach cybersecurity unit staff in overall Information Security Program management

Provide management support including personnel, budget and other administrative responsibilities, (i.e., mentoring, performance management, career planning and counseling, etc.)

Manage budget to ensure the organization's cyber security program is conducted in a cost conscious and financially responsible manner

Perform all other miscellaneous responsibilities and duties as assigned or directed

Qualification

Cybersecurity managementSecurity frameworks knowledgeSecurity technologies experienceIT Security CertificationsRisk management principlesProcess management skillsProject management skillsCustomer service skillsTechnical troubleshooting skillsMicrosoft Office proficiencyOperating systems knowledge

Required

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field

Five years of experience in IT security, with at least three years in a management or leadership role

Strong understanding of security frameworks (NIST, HIPAA etc.) and risk management principles

Proven experience with security technologies (firewalls, SIEM, endpoint protection, etc.)

Strong customer service skills

Strong process and project management skills

Intermediate working knowledge of Microsoft Office applications, including but not limited to Word, Excel, Outlook, and PowerPoint

Strong knowledge of operating systems, architecture and various software and hardware products

Good technical and troubleshooting skills

Intermediate understanding and implementation capability of security best practices and technology and demonstrate proficiency in the application of established information security practices

At least one of the Industry Standard IT Security Certifications such as CISSP, CISM, CRISC, CISA