The Director, Operations Security works closely with key representatives from DeepHealth Operations, IT Infrastructure, Compliance, Legal, IT Operations, and IT Governance teams to lead efforts ensuring the protection of DeepHealth’s critical assets while developing and implementing comprehensive CyberSecurity strategies. Integrates security trust principles into organizational operations through the enforcement of SOX IT Controls and Standards. Identifies and mitigates security risks, implements detective and preventative functions to monitor system threats and manages security incident response. Responsible for identifying, implementing and managing integrated technologies to measure and ensure adherence within the operating system infrastructure. Educates the Enterprise on cyber best-practices and cyber-awareness. The Director, Operations Security is responsible for DeepHealth's CyberSecurity team.
Minimum Qualifications, Education And Experience
- Proven experience in a senior CyberSecurity leadership role.
- Strong background in developing and implementing CyberSecurity strategies.
- In-depth knowledge of CyberSecurity risk frameworks, technologies and tools.
- Demonstrated ability to lead and motivate a diverse CyberSecurity team.
- Strong decision-making and problem-solving skills.
- Up-to-date knowledge of the latest CyberSecurity trends, threats, and solutions.
- Strong analytical skills.
- Ability to translate technical or complex concepts into user-friendly language.
- Ability to collaborate, working closely with both functional and technical teams.
- Ability to remain flexible as priorities change, adapt to change, and accept ambiguity.
- Ability to work independently and within a team environment.
- Excellent communication skills, including speaking in front of others.
- Must be meticulously organized and self-motivated.
- Strong interpersonal skills.
- Must be able to work independently.
- Proven experience in securing public cloud infrastructure and deploying best practices.
Preferred Certifications
Quality Standards
- Attends regular corporate meetings as requested.
- Communicates, cooperates, and consistently functions professionally and harmoniously with all levels of supervision, co-workers, patients, visitors, and vendors.
- Demonstrates initiative, personal awareness, professionalism and integrity, and exercises confidentiality in all areas of performance.
- Follows all local, state and federal laws concerning employment to include but not limited to: I-9, Harassment, EEOC, Civil rights and ADA.
- Follows OSHA regulations, DeepHealth and site protocols, policies and procedures.
- Follows HIPAA, compliance, privacy, safety and confidentiality standards at all times.
- Practices universal safety precautions.
- Promotes good public relations on the phone and in person.
- Adapts and is willing to learn new tasks, methods, and systems.
- Reports to work regularly as scheduled; consistently punctual with respect to working hours, meal and rest breaks, and maintains satisfactory personal attendance in accordance with DeepHealth guidelines.
- Consistently adheres to the time management policies and procedures.
- Completes job responsibilities in a quality and timely manner.
PHYSICAL DEMANDS
This position often requires sitting, standing, walking, bending, twisting, reaching with hands and arms, using hands and fingers, handling or feeling, speaking, listening and high-level cognitive thinking. This position also requires the ability to lift boxes and equipment up to 50lbs. Must be able to use a computer and other office machinery, including copiers, scanners, and computer software.
WORKING ENVIRONMENT
This position is a remote position with travel to corporate offices.
ACCOMMODATIONS
Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of the job.
Essential Duties And Responsibilities
- Maintains deep understanding of DeepHealth's IT-related technology and processes for all applications and systems.
- Develops and executes a strategic CyberSecurity vision aligned with organizational goals.
- Provides leadership in the planning and implementation of CyberSecurity programs and initiatives.
- Identify, assess, and prioritize CyberSecurity risks and vulnerabilities.
- Implements risk mitigation strategies and ensure compliance with industry standards and regulations.
- Provides insights and recommendations on risk management to IT and executive leadership.
- Leads incident response efforts, coordinating with internal teams and external partners.
- Establishes, maintains and tests an effective incident response plan.
- Participates in the review and development of IT Policy documentation.
- Designs and implements robust security architectures for networks, systems, and applications.
- Ensures the integration of security measures into the organization's infrastructure.
- Directs, builds, and leads a high-performing CyberSecurity team.
- Fosters a culture of continuous learning and professional development.
- Stays current with CyberSecurity laws, regulations, and industry best practices.
- Ensures compliance with relevant standards and frameworks.
- Collaborates to develop and manage CyberSecurity awareness programs for employees.
- Promotes a culture of security consciousness throughout the organization.
- Works closely with IT teams, legal, compliance, and other stakeholders to align CyberSecurity initiatives with business objectives.
- Collaborates with external partners, vendors, and industry peers.
- Manages security aspects related to public cloud infrastructure, ensuring a secure and compliant cloud environment
- Develops and implements strategies for monitoring and securing cloud-based assets and services.
- Collaborates with cloud service providers to enhance security controls and practices.
- Ensures the alignment of cloud security measures with overall organizational CyberSecurity goals.
PLEASE NOTE: This is not an exhaustive list of all duties, responsibilities and requirements of the position described above. Other functions may be assigned and management retains the right to add or change duties at any time.