Executive Director, Security Operations and Incident Response

Posted 22 Days Ago
Easy Apply
Hiring Remotely in United States
Remote
Senior level
Cloud • Healthtech • Payments • Professional Services • Software • Analytics • Automation
Healthcare’s Trusted Partner for Supply Chain Technology, Data and Services
The Role
The Executive Director of Security Operations is responsible for leading global security monitoring and incident response programs, coordinating cross-functional teams, and developing cybersecurity strategies. This role includes managing teams for incident response, threat intelligence, and digital forensics, while optimizing security processes and engaging with executive leadership on major initiatives.
Summary Generated by Built In

We’re looking for a security-minded, hands-on leader with extensive Incident Response (IR) and Threat Intelligence experience to support our global 24x7 security monitoring and IR programs.   The candidate must be an experienced incident response leader with a strong track record of coordinating cross-functional teams (Compliance, Legal, HR, Corporate IT, Product Engineering, Customer Support) and executive leadership through response and recovery from major security incidents (e.g. data breaches, ransomware, etc.), with minimal impact to the business.  The candidate must have strong operational knowledge of the security tool landscape and has a track record of optimizing and automating processes to achieve measurable efficiency and accuracy gains. This role is integral to the Cybersecurity program, and works directly alongside the Security Architecture / Engineering, Tech Infrastructure and Network teams. 

Responsibilities 

  • Be a thought leader and industry expert for all functions under Security Operations 
  • Develop and lead a team of cybersecurity experts to manage global Security Operations functions such as monitoring and detection, incident response, threat and vulnerability management, threat intelligence, digital forensics & investigations, threat hunting, and insider threat.     
  • Develop and execute on Security Operations strategy, and partner with Security Architecture and Engineering to deliver new or enhance existing security controls and analyze/maintain new or existing security applications/products including SIEM, vulnerability management tools, intrusion detection and prevention, data leakage protection, network security analysis, firewalls (network and application), and Cloud security controls.  
  • Proven experience developing SIEM and logging feeds architecture and creating processes that translate logs into actional security events 
  • Engage with executive level leaders, including board members and customers, to explain concepts, present roadshows for major initiatives and programs 
  • Lead global security operations projects and act as the leader and mentor to Security Operations Engineers  
  • Designing and implementing security processes to support security monitoring and incident response using best-in-class security engineering principles; experience with the MITRE ATT&CK Framework and its Tactics and Techniques. 
  • Strong experience with security metrics and measurements and process automation – understand how to measure monitoring/IR processes and how to improve them based on historical data 
  • Partner with Security Engineers to identify and evaluate best in class security solutions and plan production deployments and help document runbooks accordingly 
  • Lead or coordinate enterprise cybersecurity tabletop exercises across cross-function teams  
  • Lead and develop processes to support a cybersecurity forensics and investigations program 
  • Develop and own Global IR plan and is familiar with IR processes and protocols including Attorney Client Privileged and industry laws, rules, regulations and control frameworks such as HIPAA, HITRUST, and FedRAMP 

 

Knowledge and Skills 

  • Strong understanding of security monitoring and incident response processes and concepts 
  • Strong understanding of MITRE TTPs or similar 
  • Familiarity with control frameworks such as HIPAA, HITRUST, FedRAMP, SOC1/SOC2, and PCI 
  • Demonstrated past contributor and “plugged-in” to the threat intelligence community and various industry sources 
  • Understand what it means to “think like a hacker” and take the attacker’s viewpoint 
  • Familiarity with Dark Web and related concepts 
  • Experience with operating security tools such as Intrusion Detection/Prevention Systems, Email Security, Data Security, Cloud Security, Network and Application Security 
  • Familiar with scripting languages and ability to develop scripts to support logging, monitoring and detection 

 

Required Experience 

  • 10+ years of relevant security operations and threat intelligence experience  
  • 10+ years of IT experience 
  • 5+ years of leadership and leading teams 

 

Preferred Experience 

  • CISSP or equivalent 

 

Key Differentiator 

  • Security Operations, Incident Response and Threat Intelligence experience 
  • Real world experience managing data breaches and major security incidents 
  • Strong communicator, who can remain calm while facing adversity, and who can partner internationally with cross functional technology, security and executive management leaders 
  • Self starter, takes initiative with strong conviction 

 

Estimated Salary range for this position: $136,000 - $197,000

The base salary range represents the anticipated low and high end of the GHX’s salary range for this position. Actual salaries will vary and will be based on various factors, such as candidate’s qualifications, skills, competencies and proficiency for the role. The base salary is one component of GHX’s total compensation package for employees. Other rewards and benefits include: health, vision, and dental insurance, accident and life insurance, 401k matching, paid-time off, and education reimbursement, to name a few. To view more details of our benefits, visit us here: https://www.ghx.com/about/careers/

GHX: It's the way you do business in healthcare
Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.

GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.

It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe.

Disclaimer
Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.

GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.

Top Skills

Cybersecurity
Incident Response
SIEM
Threat Intelligence

What the Team is Saying

Andy Graziano
Gretchen Bresien
Rachel Stoops
Jennifer Hagaman
Cassie Asare
Charlie Brown
The Company
HQ: Louisville, CO
1,300 Employees
Hybrid Workplace
Year Founded: 2000

What We Do

GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together more than 4,100 healthcare providers, and 600 manufacturers and distributors in North America — and another 1,500 providers and 350 suppliers in Europe — who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed, timely and fact-based decisions.

It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce – not shift – the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year.

Why Work With Us

At GHX we’re a hardworking innovative team, championing new technologies that boldly advance the healthcare supply chain. Our inspiration? To enable better patient care and deliver big cost savings. The work of our diverse team of talented and dedicated professionals impacts healthcare for the better every single day.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

GHX Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
HQLouisville, CO
Baar, CH
Brussels, BE
Cambridge, GB
Düsseldorf, DE
Hilversum, NL
Hyderabad, Telangana
Königstein im Taunus, DE
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account