The Manager, Cybersecurity Engineering position will oversee Cybersecurity Engineering, Design and Development of customized security solutions for M Health Fairview and deliver robust, usable and secure automation solutions. The candidate will report into Director of Cybersecurity and lead the engineering and development teams in Digital Identity Management, User and Application Onboarding, Security Orchestration and Response Automation, Authentication and Federation areas. Candidate will partner with Enterprise Architecture, Infrastructure Management, Project Management Office peers and leaders to deliver strategic integration projects and help support security tools and technologies deployed for M Health Fairview. Manager will ensure on-time delivery as per project timelines and establish operating level agreements with peers of Cybersecurity Operations and Incident Response and be the key escalation point for critical defects discovered in production systems. The candidate will collaborate with Threat and Incident Response Manager and Cybersecurity Operations Manager to create a robust SOP, transition documentation and escalation criteria and continually improve Detect/Respond/Manage Cybersecurity.
Responsible for partnering with Enterprise Architecture group to conceive robust and secure automation solutions for Cybersecurity
Accountable to oversee design, configure, build and test user friendly security solutions
Oversee onboarding of various Users, applications and infrastructure systems consuming Cybersecurity services
Oversee Business Analysis and Quality Assurance of Cybersecurity solutions and deliver to business and IT transformation needs
Oversee consolidation/replacement of Cybersecurity technologies and partner with Cybersecurity Operations and Incident Response teams to improve maturity of deployed solutions
Conduct reviews of system capacity, HA, BCP/DR needs of Cybersecurity tools and participate in periodic heath checks of various solutions deployed
Assist in developing and enhancing Cybersecurity strategy and roadmap
Collaborate with Cybersecurity and IT Risk Management peers to improve automated correlation, vulnerability scanning, code review/applications testing and other detection security tools
Manage security tools and associated professional service contracts and deliver capabilities
Oversee onboarding of users (all personas) using self-service and discretionary methods and provide near-real time and birth-right access based on roles
Work with business leaders to define and continually improve roles and role-based access systems
Partner with Infrastructure and Security leadership teams to develop use cases for security automation and response, logging, monitoring, threat defense
Assist Threat and Incident Response Manager and Cybersecurity leadership to investigate potential Indicators of Compromise and tune Security tools to enhance detection and prevention capabilities
Partner with IT Risk and Compliance leadership to co-develop application security and Secure SDLC for Fairview
Participate in RED/BLUE/PURPLE teaming exercises orchestrated at Fairview by Cybersecurity and BCP/DR teams
Contribute to the execution of Cyber Security operations, incident response, and investigations spanning across all functions of the Cybersecurity organization
Leverage the incident case management solution to document and report on incidents to meet audit compliance requirements
Mentor, empower, and develop of team members.
Manages a multi-disciplinary and combination of employee and non-employee development/engineering teams using agile Azure DevOps
Bachelors degree in Computer Science, Engineering or associated fields OR combination of relevant education/experience.
12 years of experience in IT and associated fields with minimum of 8 years in Information Security area
3+ years of experience in building and/or running Security design & engineering aspects of Digital Identity Access Management, Security Vulnerability Management, Logging and Monitoring, Network Security, Data Security, Application Security, User Onboarding & Self-service areas
Experience in delivering large multi-year strategic Cybersecurity programs under budgetary, timeline and other resource constraints
Familiarity in Cybersecurity Incident triage, analysis and root cause including digital and incident forensics
Awareness of tools, techniques used by hackers to breach networks, server systems, cloud workloads or applications
Exposure to Zero Trust Security approach and methods
Experience in integrating merged/acquired entities and providing secure IT solutions through B2B/B2C federation models
Experience in engineering and deploying mobile first, cloud first IT solutions leveraging industry leading Cybersecurity frameworks and tools
Experience in overseeing SecDevOps based project delivery associated to implementation of cybersecurity tools and technologies
Demonstrated understanding of security related technologies and practices, including: authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, network and Host Incident Detection and Prevention, Data Loss Prevention, Data Security, risk based and strong authentication, cloud access security, secure remote access, firewalls, Application Security etc.
Diverse technical background and exposure to enterprise networking, firewall, storage options, server infrastructure, operating systems, application development, database technologies, and desktop operating systems and cybersecurity.
Excellent abilities to effectively communicate both verbally and written with all levels within the organization
Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills both in-person and remote work environments
Deliver on SLA/OLA commitments under tight deadlines and/or budgetary and other resource constraints
Bachelors or higher degree in Computer Science, Cybersecurity, Engineering or associated fields
15 years of experience in Cybersecurity and infrastructure management areas
5 years of experience in managing people and delivering large information security programs
Experience working in the healthcare services industry or other highly regulated and/or compliance-oriented environments.
Experience in managing financials and resourcing planning needs greater than $5m annual budgets
Managing delivery of Security programs using strategic and global teams
Industry certifications such as Security+, CISSP (Certified Information Systems Security Professional), CISM etc.
Together with the University of Minnesota and University of Minnesota Physicians we have created M Health Fairview. M Health Fairview is the newly expanded collaboration among the University of Minnesota, University of Minnesota Physicians, and Fairview Health Services. The healthcare system combines the best of academic and community medicine — expanding access to world-class, breakthrough care through our 10 hospitals and 60 clinics.
Fairview Health Services (fairview.org) is an award-winning, nonprofit health system providing exceptional care across the full spectrum of health care services. Fairview is one of the most comprehensive and geographically accessible systems in the state, with 10 hospitals—including an academic medical center and long-term care hospital—serving the greater Twin Cities metro area.
Its broad continuum also includes 60 primary care clinics, specialty clinics, senior living communities, retail and specialty pharmacies, pharmacy benefit management services, rehabilitation centers, counseling and home health care services, medical transportation, an integrated provider netwo...rk and health insurer PreferredOne. In partnership with the University of Minnesota, Fairview’s 32,000 employees and 2,400 affiliated providers embrace innovation to drive a healthier future through healing, discovery and education.