Senior IT Director - CyberSec

Status: closed

For a major healthcare company.

Salary expectations (package: +/- $215,000 based on experience)

Careers that Change Lives
In this critical role, you will act as Deputy CISO, reporting to the VP CISO, leading a team of IT/Cybersecurity professionals, ensuring the highest security standards across the Enterprise. We look for leaders who have a clear vision of where we are going and how to get there, bold inclusive thinkers who create new ideas and bring our best solutions forward to benefit our patients, business partners, and customers .

A Day in the Life
Responsibilities may include the following and other duties may be assigned.

Cyber Defense

Develop and execute strategies and provide direct oversight for the Medtronic Global Security Incident Management program.
Ensure appropriate incident communications for different audiences are established (internally and externally) and implemented.
Ensure root cause analysis is established and implemented for key incident lessons learned and takeaways.
Lead the Enterprise Security Tools team, including influencing technical strategies for security tools
Lead the Attack Surface Reduction team, including the outward education/awareness and influence of remediation of enterprise system vulnerabilities discovered via scanning and/or penetration testing
Manage the Medtronic Forensics lab and maintain relationships with key partners such as Legal, Compliance, Audit and HR.
Partner and align with the Medtronic Global Command Center for timely incident response, notification and active incident management.
Partner and align with the Global Privacy Office for timely incident response, notification and active incident management.
Provide reporting, metrics, and appropriate upward/downward escalation of key incidents to management and councils.

Leadership

Enable partnerships with key internal business partners and individuals at all levels such as Legal, Facilities, Audit, HR, Corporate Communications, and other Business Unit stakeholders. Maintain ongoing Business and Global IT relationship management
Ensure that strict standards of confidentiality and high integrity are maintained across the teams, based on the sensitivity of the work being performed.
Manage activities of a team with responsibility for results in terms of costs, methods and employees.Accomplishes results through subordinate managers, supervisors or exempt specialist employees. Recommends organizational structures of functions and units.
Provide leadership, management, and development of the department employees including performance management, individual development planning, succession planning, employee communications, and positive working environment to ensure high productivity, employee engagement, and performance.
Represent the organizational unit as a prime internal and external contact on security related contracts or operations.
Work continuously to maintain a very high-level of awareness of new trends, threats, and the constantly changing cyber landscape.Respond quickly and appropriately to these changes with modifications to strategies and approaches in order to protect the company.
Conduct briefings and technical meetings for top management and customer representatives.Interacts with senior leadership and equivalent concerning matters of significance to Medtronic.
Be responsible for and provide direction to projects and initiatives. Provides guidance to staff to meet schedules or resolve technical or operational problems. Directly participates in establishing and administering many functional projects. Develops and administers budgets, schedules, and performance standards.
Influence the development of overall objectives and long-range goals of the organization.
Develop, plan, manage, and forecast associated cost center(s), unit costs, employee complement, capital expenditures, and charge back rates.Lead the development of cost center budget and operational plan and manage expenses to plan.
Evaluate, negotiate, develop, and manage preferred vendor relationships to provide Medtronic with the highest value, lowest overall cost with highest quality service globally.Lead domestic and international vendor bidding and formal Request for Proposal processes.Monitor contract compliance on an ongoing basis.Evaluate pricing and quality of services against Medtronic’s requirements.
Work cross-functionally with peers to develop and influence consistent practices related to staff development, performance management, client quality programs, cost management, and the promotion of Global Business Solutions.Establish appropriate relationships at all levels within the organization to influence and execute strategy/operations.
Establish and maintain strong external peer connections in the interest of cyber information sharing and collaboration.
Continually benchmark against relevant industries and peer groups to look for continuous improvement opportunities, new techniques and tools, and measure Medtronic against similar functions.Develop business-relevant metrics to measure the effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program.
Maintain a strong understanding of security technologies, risks and capabilities.
Develop in depth understanding of business processes and business dependencies on supported technologies.
Other duties as assigned.

Must Have: Minimum Requirements

Bachelors degree
15+ (13+ with advanced degree) years of information technology experience
10+ years of information security focus
7+ years team leadership or staff management experience.

Specialized skills or experience

Previous work experience working as on the vendor/consultant side of the IT Security profession.

Previous work experience dealing with Forensic, investigative and legal investigations.
Previous IT management experience at a Global Fortune 500 company.

Nice to Have

Previous experience creating/implementing Information Security strategy across a large company
Advanced degree in Computer Science or engineering; CISSP or similar professional IT security certifications.
Demonstrated results orientation (driving to deadlines, financial targets, project goals, etc.).
Strong business acumen and global orientation.
Ability to work collaboratively and partner with employees, peers, leaders, clients, key stakeholders and vendors.
Demonstrated ability to provide strong Project Management skills and expertise. Ability to manage the day-to-day information security risk functions across multiple projects and initiatives in Global IT.
Personnel Scope – Previous experience managing multiple teams, including matrixed teams containing external resources, service providers, consultants and partnerships.
Employee Development – Previous experience in recruiting and developing talent; proactively lead personnel development activities and mentoring, including a succession plan for managed teams
Financial Accountability – Demonstrated ability and experience managing multiple cost centers, programs and budget accountability.
Communication Skills – Demonstrated excellent communication skills at all levels in the organization; strong negotiator and strong influence & presentation skills.
Leadership – Demonstrated leadership skills & high integrity presence; clearly conveys vision & purpose to workforce
Administration – Previous experience in ensuring that functional area complies with administrative requirements including forecasting and budgeting; status reporting, and personnel administration.
Proven ability to take down barriers and build highly successful, high-functioning and accountable organizations.
Previous experience managing the integration of IT functions and organizations.