Job Summary
The Director of Cyber Defense, reporting to the CISO, leads initiatives in safeguarding sensitive patient data, protecting critical systems, and ensuring the continued operations of healthcare organizations against evolving cyber threats. This role leads the hospital system’s threat detection, incident response, medical device security, and vulnerability management operations. Serving as the Director of Cyber Defense requires a deep understanding of cybersecurity operations in healthcare and the ability to manage high-performing teams. The Director also leads incident response, threat detection & emulation, and vulnerability management.
Key Responsibilities
- Develop and implement comprehensive cybersecurity strategies aligned with business objectives and regulatory requirements (e.g., HIPAA, ISO 27001).
- Lead and manage security operations, including threat detection, incident response, and vulnerability management, to ensure rapid identification and mitigation of risks.
- Oversee the Security Operations Center (SOC), managing both internal teams and external MSSP partners, and drive continuous improvement in SOC processes.
- Serve as the Incident Commander, overseeing the Incident Response Process and coordination between executive leadership, IT, and business teams.
- Integrate and optimize security tools and telemetry to enhance operational visibility, improve correlation, and reduce threat dwell time.
- Provide guidance for the Medical Device Security team, ensuring consistent scanning, patching, and security control implementation across medical devices.
- Direct vulnerability management and penetration testing programs, ensuring timely remediation of identified risks.
- Implement advanced practices such as threat hunting and red teaming to proactively identify and address emerging threats.
- Lead, mentor, and develop a high-performing cybersecurity team, fostering a culture of continuous learning and accountability.
- Collaborate with cross-functional stakeholders and senior leadership to communicate risks, security posture, and strategic initiatives.
- Ensure ongoing compliance with relevant regulations and standards, and oversee third-party security reviews and audits.
- Support DevSecOps initiatives and champion security best practices across the organization.
- Manage cybersecurity budgets and resources effectively.
- Design and deliver security awareness training programs to strengthen the organization’s security culture.
Preferred Qualifications
- Bachelor's degree in a related field, with a Master's strongly preferred.
- At least 8 years of experience in information security, including 5 years in a leadership role; experience managing SOC teams and working with MDR providers is expected.
- CISSP, CISM, or equivalent certifications preferred.
- Understanding of cybersecurity principles, network and application security, threat detection, incident response, and proficiency with tools like SIEM, SOAR, and EDR.
- Strong program/project management skills (PMP or PMP-like) desired.
- Consulting experience is desirable.
Leadership Experience
- Proven experience leading complex consulting engagements, including CIO/CISO engagements—driving all phases of the client engagement lifecycle (project kickoff, interviews, document reviews, analysis, deliverable creation, executive briefing, and closeout).
- Strong leadership and program management skills; able to interface with client leadership teams and provide direction to internal, client, and vendor teams.
- Strong communication skills, including the ability to lead executive-level deliverable presentations and briefings.
- Ability to develop high-quality deliverables, such as reports, presentations, policies, procedures, and architectural diagrams.
Technical & Domain Expertise
- In-depth knowledge of cybersecurity frameworks (e.g., NIST CSF, ISO 27001, COBIT).
- Strong understanding of network protocols, operating systems, cloud platforms (Azure, GCP), and security technologies (SIEM, EDR, firewalls, WAFs).
- Expertise in one or more of the following cybersecurity domains (or related): Cyber Risk Management, Incident Response, Data Protection, OT Security, Vulnerability Management, Identity and Access Management, Cyber Resilience.
- Experience with risk management methodologies and tools.
- Familiarity with regulatory compliance standards (e.g., GDPR, HIPAA, PCI DSS, SOC 2).
Minimum Requirements
- Bachelor's Degree, or 4 years of work experience above the minimum qualification.
- 5 years of experience.