Director, Cybersecurity - Cyber Defense Operations

Posted 2 Days Ago
Sacramento, CA, USA
In-Office
260K-417K Annually
Expert/Leader
Healthtech
The Role
Lead Sutter Health's enterprise cyber defense operations (SOC, IR, Threat Intel, Detection Engineering, automation, adversary simulation). Deliver 24/7 detection, rapid containment, coordinated response, and measurable risk reduction. Own program maturity, roadmaps, metrics, and executive reporting while partnering with Security Engineering, Data Protection, GRC, IT, legal, and business stakeholders to protect clinical and digital assets.
Summary Generated by Built In

We are so glad you are interested in joining Sutter Health!

Organization:

SHSO-Sutter Health System Office-Valley

Position Overview:

The Director of Cyber Defense Operations leads Sutter Health’s enterprise cybersecurity defense capabilities, responsible for protecting critical clinical, operational, and digital assets against evolving cyber threats. This role provides strategic and operational leadership across core defensive functions including Security Operations Center (SOC), Incident Response (IR), Threat Intelligence, Detection Engineering, Security Automation, and Adversary Simulation.
The Director is accountable for delivering 24/7 threat detection, rapid incident containment, and coordinated response across the organization, while continuously improving defensive capabilities through automation, intelligence-driven operations, and measurable risk reduction. This leader drives alignment across cybersecurity, IT, clinical engineering, legal, and business teams to ensure resilience against cyber events that could impact patient care and operations.
This role also owns the maturity and performance of the cyber defense program, establishing roadmaps, operational metrics, and executive reporting that demonstrate control effectiveness, detection coverage, and overall security posture improvement. The Director partners closely with Security Engineering, Data Protection, and GRC leaders to ensure a fully integrated, threat-informed defense strategy aligned to enterprise risk priorities.

Job Description:

EDUCATION:
Equivalent experience will be accepted in lieu of the required degree or diploma.

  • Bachelor's: Business, Cybersecurity, Computer Science, Information Technology/Security, Risk Management, or related field or equivalent education/experience

CERTIFICATION & LICENSURE

  • CISSP-Certified Information Systems Security Professional within 1 Year of hire

TYPICAL EXPERIENCE:

  • 12 years recent relevant experience.

PREFERRED EXPERIENCE:

  • Leadership experience overseeing Cyber Defense Operations functions including SOC, Incident Response, Threat Intelligence, and Detection Engineering in a large enterprise environment.

  • Hands-on experience with SIEM, SOAR, EDR/XDR, threat hunting, automation, and security monitoring technologies.

  • Proven ability to build and inspire high-performing cybersecurity teams through mentorship, Capture the Flag (CTF) events, attack demonstrations, tabletop exercises, and continuous technical development.

  • Strong communication and executive presence with experience delivering cybersecurity metrics, threat intelligence reporting, operational dashboards, and risk updates to technical and business stakeholders.

  • Experience defending healthcare environments and protecting critical systems, PHI, and clinical operations against modern cybersecurity threats including ransomware and advanced adversary activity.

SKILLS AND KNOWLEDGE:

  • Solid expertise in formal/structured information security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications.

  • In-depth knowledge of information security technologies, infrastructures, methodologies, frameworks, techniques, security incident and event monitoring (SIEM) solutions (e.g., Splunk Enterprise Security, IBM QRadar, HP ArcSight, etc.), compliance reporting, and the development and implementation of these concepts to manage risk within a clinical environment.

  • Extensive knowledge and understanding of current and emerging digital security trends, risks, threats, countermeasures, vulnerabilities, and mitigations ranging across the technologies required for securing applications, data centers, networks, and third-party access to data, applications, and resources.

  • Broad working knowledge of health care operations and their related data/software/hardware requirements including, but not limited to, hospitals, clinics, medical offices, and their information technology needs.

  • Detailed knowledge of state and federal information security, cyber security, compliance and privacy-related regulatory requirements, including a comprehensive understanding of National Institute of Standards and Technology (NIST), Federal Information Processing Standards (FIPS), and other recognized industry security standards and best practices.

  • Comprehensive understanding of information confidentiality and integrity requirements, especially as they relate to patient information in a healthcare environment (electronic health/medical records (EHR/EMR), Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), etc.).

  • Superior business acumen and exceptional leadership skills to provide innovative solutions to complex problems and leverage appropriate internal/external resources to meet corporate objectives.

  • Expertise in building cross-functional teams, fostering consensus, resolving conflicts, and managing risk, in addition to being an effective decision maker and expert delegator.

  • Organizational skills with an understanding of team building and organizational dynamics, including creative problem identification and resolution, conceptualization, and contingency thinking skills.

  • Advanced project management skills, including the ability to manage multidisciplinary teams that successfully define, develop, and deliver various information security solutions.

  • Attention to detail with exceptional analytical skills in problem identification, analysis, and innovative resolution.

  • Verbal and written communication, interpersonal, and presentation skills with the ability to present regulatory requirements, directives, ideas, and concepts effectively to a diverse audience.

  • Advanced level of computer and application competency including Excel, PowerPoint, Word, Project, and relational database management systems.

  • Adapt to changing or challenging initiatives while developing new ideas and approaches aimed at improving results.

  • Foster an environment of collaboration at all levels of the organization, including engaging and influencing individuals or groups with various opinions and levels of knowledge, building consensus, and then enlisting cooperation without direct control/authority.

These Principal Accountabilities, Requirements and Qualifications are not exhaustive, but are merely the most descriptive of the current job. Management reserves the right to revise the job description or require that other tasks be performed when the circumstances of the job change (for example, emergencies, staff changes, workload, or technical development).
 

Job Shift:

Days

Schedule:

Full Time

Days of the Week:

Monday - Friday

Weekend Requirements:

As Needed

Benefits:

Yes

Unions:

No

Position Status:

Exempt

Weekly Hours:

40

Employee Status:

Regular

Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

Pay Range is $260,312.00 to $416,520.00 / annual salary

The compensation range may vary based on the geographic location where the position is filled. Total compensation considers multiple factors, including, but not limited to a candidate’s experience, education, skills, licensure, certifications, departmental equity, training, and organizational needs. Base pay is only one component of Sutter Health’s comprehensive total rewards program. Eligible positions also include a comprehensive benefits package.

Skills Required

  • Bachelor's degree in Business, Cybersecurity, Computer Science, IT/Security, Risk Management, or related field (or equivalent experience)
  • CISSP certification within 1 year of hire
  • 12 years recent relevant experience
  • Leadership experience overseeing Cyber Defense Operations (SOC, Incident Response, Threat Intelligence, Detection Engineering, Security Automation)
  • Hands-on experience with SIEM, SOAR, EDR/XDR, threat hunting, automation, and security monitoring technologies
  • Experience building and mentoring high-performing cybersecurity teams, CTFs, tabletop exercises, and attack demonstrations
  • Experience defending healthcare environments and protecting PHI and clinical operations against ransomware and advanced adversary activity
  • In-depth knowledge of SIEM solutions (e.g., Splunk Enterprise Security, IBM QRadar, HP ArcSight)
  • Solid expertise in formal information security risk assessment methodologies
  • Detailed knowledge of state and federal cybersecurity/compliance requirements and frameworks (NIST, FIPS)
  • Comprehensive understanding of HIPAA, HITECH, and patient information confidentiality/integrity requirements
  • Advanced project management skills and ability to manage multidisciplinary teams
  • Advanced level of computer/application competency including Excel, PowerPoint, Word, Project, and relational databases
  • Strong communication and executive presence with experience delivering cybersecurity metrics, dashboards, and risk updates to stakeholders

Sutter Health Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Sutter Health and has not been reviewed or approved by Sutter Health.

  • Healthcare Strength: Healthcare coverage is described as comprehensive, with broad networks and strong wellness support. Family coverage is characterized as low-cost or nearly free in some plan options, reinforcing perceived value.
  • Retirement Support: Retirement offerings include employer matching and, in some cases, a pension after a tenure threshold. Supplemental protections like life and disability insurance add to the overall financial security package.
  • Leave & Time Off Breadth: Paid time off is framed as generous, with examples of sizable PTO allotments early in tenure. Additional supports such as flexible scheduling and leave programs contribute to a sense of time-off breadth.


The Company
HQ: Sacramento, CA
68,000 Employees
Year Founded: 1921

What We Do

Sutter Health is one of the nation's leading not-for-profit healthcare networks, which includes award-winning physician organizations, acute care hospitals, surgery centers, medical research facilities and specialty services. Our team of 68,000 doctors, employees and volunteers proudly cares for Northern California. Our facilities and care centers are located in large, urban cities and small, rural communities, from the Pacific Coast to the San Joaquin Valley. You’ll find us in San Francisco, Oakland, Sacramento, the snowy mountains of the Sierra Nevada and Lake Tahoe, Napa Valley, Yosemite and the coastal redwoods. We even have an affiliate in Hawaii. Join us and be part of a dedicated group of professionals committed to putting patients’ needs first and achieving the highest levels of quality, access and affordability.
