Summary:

The Manager, Cyber Security is responsible for establishing and maintaining the enterprise vision, strategy, architecture, and assisting in developing the multi-year roadmap that ensures that the company’s information assets are adequately protected.

A key element of this role is communicating cyber security concepts at a strategic level to senior management, Board members, and evangelizing cyber security across the business to drive adoption of best practices.

The Manager, Cyber Security Engineering will manage a small team of dedicated cyber security team members in India.

Collaborate with the Dir, CSEA to develop and implement a strategic, long-term information security strategy and roadmap to ensure that GHX’s information assets are adequately protected.

Work with senior leaders across the business to assess and communicate acceptable levels of risk.

Identify, evaluate and report on information security risks, practices and projects to the senior security management, and provide subject matter expertise on cyber security engineering in line with standards and best practices (e.g. FedRAMP, PCI, ISO etc.).

Provide input into the development of up-to-date cyber security policies, procedures, standards and guidelines, and assist in their approval, dissemination, and maintenance.

Ensure that the cyber security management program is following applicable laws, regulations, and contractual requirements.

Act as the champion for the enterprise cyber security program and foster a security-aware culture.

Oversee the evaluation, selection and implementation of information security solutions that are innovative, cost-effective, and minimally disruptive.

Partner with enterprise architects, infrastructure, and applications teams to ensure that security controls are developed and maintained according to security policies and guidelines.

Assist in developing business metrics to measure the effectiveness of the security management program, and increase the maturity of the program over time.

Monitor the industry and external environment for emerging threats and advise relevant stakeholders on appropriate courses of action.

Assist in incident response planning and the investigation of security breaches, and assist with any associated disciplinary, public relations and legal matters.

What You Will Need

Bachelor’s degree in computer science or related field plus 8 years related experience, OR Master’s degree plus 3 years related experience.

Confirmed experience related to hands on technical focus across many areas of security engineering (Ex: Network Segmentation, firewalls, secure remote access, cloud security, IAM, PAM, EDR, DLP etc.)

A proven track record in developing information security policies and procedures, and successful execution.

Extensive knowledge of business risk, risk assessment and risk-based decision making.

Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms), including executive level.

Ability to inspire and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals; an innovative leader, problem solver and consultant.

Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function.

Management experience with demonstrated deliveries in developing a team.

Excellent written and verbal communication, interpersonal and collaborative skills.

Experienced with contract and vendor negotiations.

Ability to effectively prioritize and execute tasks in high-pressure situations.

Knowledge of security, risk and control frameworks and standards such as ISO 27001 and 27002, NIST 800-53, HITRUST and FedRAMP.

Understanding of cloud, SaaS, and IoT architectures, and their implications on information security strategy.

Technical acumen including but not limited to: Security Engineering, IT infrastructure, cloud, application development languages, tools and frameworks, database technologies, web technologies, next gen mobile, network architecture, enterprise architecture, and directory services.

Security technology acumen and experience including but not limited to:

firewall, intrusion detection, cyber-attack tools and defenses, encryption,

certificate authority, web filtering, anti-malware, anti-phishing, identity and

access management, multi factor authentication.

GHX: It's the way you do business in healthcare
Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.

GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.

It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe.

Disclaimer
Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.

GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.

Apply for this Job

* Required

First Name *

Last Name *

Email *

Phone

Resume/CV

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

Cover Letter

Dropbox Google Drive

(File types: pdf, doc, docx, txt, rtf)

LinkedIn Profile

Website

Candidate Location *

Website

Current CTC *

Expected CTC *

Notice Period *

Current Location *

What city do you live in? *

How do you come across this job opportunity? *

When you apply to a job on this site, the personal data contained in your application will be collected by the GHX Compliance & Privacy Officer (CPO), which is located at 1315 W Century Dr., STE 100, Louisville, CO 80027 and can be contacted by emailing compliance@ghx.com . Your personal data will be processed for the purposes of managing GHX's recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the CPO, which are the solicitation, evaluation, and selection of applicants for employment. Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by GHX to help manage its recruitment and hiring process on the CPO's behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer will be subject to appropriate additional safeguards. You can obtain a copy of the standard contractual clauses by contacting us at humanresources@ghx.com. Your personal data will be retained by GHX as long as GHX determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with an EU supervisory authority. *

Enter the verification code sent to to confirm you are not a robot, then submit your application.

Security Code *

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.

Security Manger

Apply for this Job