Manager-Cybersecurity Engineering

Location: WellSpan Health, Chambersburg, PA

Schedule: Full Time

Schedule Information

Monday - Friday- 8am - 5pm Hybrid

General Summary

Provides strategic direction and guidance for the overall information security technology infrastructure including architecture and advanced support of the operations team. Serves as lead architect and develops long range strategic plans to secure the existing enterprise and ensure that new infrastructure is implemented with security requirements built in. Oversees development of new security protection capabilities, manages day to day output and functions, develops life cycle planning for protection, detection analysis and incident response for all enterprise information security technology operations. Provides and manages all sustainment functions to support the existing security infrastructure in order to maintain critical services in a safe and secure manner. Oversees and manages a highly specialized staff, whose role it is to implement security monitoring capabilities, perform detection analytics, event management, advanced support and incident response. Works closely with the Director-Information Security to identify non-compliance with information security policies and directives and to support information security strategy. Works collaboratively with the implementation organizations to identify, develop and implement security solutions to mitigate threats and to take action in a tactical situation to increase defenses. Enforces Information Services (IS) security controls, safeguards and policies and procedures in accordance with regulatory requirements. Coordinates with peers in organizations outside of WellSpan to form relationships to share incident activity and enhance strategic and tactical protection posture.

Duties and Responsibilities

Essential Functions:

• Develops strategic plans for meeting enterprise strategic requirements and develops an enterprise architecture which identifies standard technologies for use as a baseline for future growth and expansion.

• Consults with IS and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.

• Researches, evaluates, designs, tests, recommends or plans the implementation of new or updated information security hardware or software, and analyzes its impact on the existing environment. Provides technical and managerial expertise for the administration of security tools.

• Designs, builds, tests and implements new technologies to meet the requirements of the existing architecture, business and clinical applications.

• Provides planning services to include research and cost estimating functions.

• Supports and leads project to develop, build and implement new capabilities for the enterprise.

• Leads and performs incident command responsibilities during an IS Security incident.

• Provides all sustainment functions to maintain security infrastructure to include break/fix, emergency services, engineering support, performance and availability monitoring, capacity and reliability analysis, provisioning and sustainment project planning and execution.

• Works with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements. Liaises with IT management to align existing technical installed base and skills with future architectural requirements.

• Develops a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.

Common Expectations:

• Recommends staffing levels, selects and assigns staff, evaluates performance, evaluates/tests competencies (as applicable), provides orientation, training and continuing education of staff, and initiates or makes recommendations for personnel actions.

• Develops, monitors and evaluates budget for area(s) of responsibility.

• Coordinates and integrates services within the department/service line/entity, with other departments/service lines/entities, and with the System's primary functions. Participates in the selection of outside services (if needed).

• Continuously assesses and improves the department/service line/entity/System's performance. Maintains appropriate quality control/assessment programs (if applicable).

• Maintains established policies and procedures, objectives, quality assessment and safety standards.

• Maintains professional growth and development through seminars, workshops, and professional affiliations to keep abreast of latest trends in field of expertise.

• Provides outstanding service to all customers, fosters teamwork and practices fiscal responsibility through improvement and innovation.

Required for All Jobs:

• Performs other related duties as identified.

• WellSpan Health has adopted and implemented a compliance program to support WellSpan's values and standards for professionalism, integrity, and ethics. Expected to support and meet the values and standards of the organization and the performance expectations of the job, the department, and the compliance program.

• WellSpan Health has adopted and implemented a privacy program to safeguard the patient information and the business and operational information of the organization. Expected to support and meet the values and standards of the organization to safeguard patient and business/operational information.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

Physical Demands:

• Standing - Occasionally

• Walking - Occasionally

• Sitting - Frequently

• Reaching - Rarely

• Talking - Frequently

• Hearing - Frequently

• Repetitive Motions - Occasionally

• Eye/Hand/Foot Coordination - Occasionally

Qualifications

Minimum Education:

• Bachelors Degree In Information Technology Engineering Science (e.g., Security, Networking, IT, etc.) or Computer Science. Required

Work Experience:

• 5 years IS or cybersecurity experience. Required and

• 3 years Supervisory experience. Required

• Prior experience in banking, government or healthcare cybersecurity procedures, matrix management and cross-project or cross-functional integration. Preferred

Courses and Training:

• CISSP and/or other certifications. Upon Hire Preferred

Knowledge, Skills, and Abilities:

• Excellent tracking, interpersonal, verbal and written communication skills.

Comprehensive Health Benefits

• Flexible spending and health savings accounts

• Retirement savings plan

• Paid time off (PTO)

• Holidays

• Short-term disability

• Education assistance

• Financial education and support, including DailyPay

• Wellness and Wellbeing program

• Caregiver support via Wellthy

• Financial Wellness via SmartPath

• Childcare referral service via Wellthy

#LI-Hybrid

Apply Now

You’re unique and you belong here.

At WellSpan Health, we are committed to treating all applicants fairly and equitably, regardless of their job classification. If you require assistance or accommodation due to a disability, please reach out to us via email atcareers@wellspan.org. We will evaluate requests for accommodation on a case-by-case basis. Please note that we will only respond to inquiries related to reasonable accommodation from this email address. Rest assured, all requests for assistance or accommodation are handled confidentially, allowing applicants to share their needs openly and honestly with us.

WellSpan Health is an Equal Opportunity Employer. It is the policy and intention of the System to maintain consistent and equal treatment toward applicants and employees of all job classifications without regard to age, sex, race, color, religion, sexual orientation, gender identity, transgender status, national origin, ancestry, veteran status, disability, or any other legally protected characteristic.