Information Security Manager, Incident Response
Brentwood, TN 
Posted 11 days ago
Job Description
Overview

Ardent Health Services is a leading provider of healthcare in communities across the country. Through its subsidiaries, Ardent owns and operates nearly 200 sites of care and 30 hospitals across six states. Together, our 24,000 employees and 1,200 employed providers touch more than 10,000 lives each day. With six Ardent entities earning recognition on Modern Healthcare's Best Places to Work list in 2022, Ardent and its facilities continue to earn recognition for outstanding workplace cultures where team members feel a sense of belonging and have opportunities to grow their careers. Ardent has also been recognized by Comparably's Best Places to Work Awards, earning honors in the Best CEO, Best Company for Women, Best Leadership Teams and Best Work Life Balance categories among others.

POSITION SUMMARY

The Information Security Manager, Incident Response is responsible for both working independently and leading a team of security professionals who respond to cyber-attacks, network intrusions, and computer crimes. The Information Security Manager, Incident Response manages all aspects of the incident response from initiation to conclusion. Assesses the nature of the incident and determines what resources are needed to resolve it and restore services. Leads communications and calls with all parties involved, providing periodic updates throughout the process. Additionally, the Information Security Manager, Incident Response documents all activities occurring during the incident, following policy, procedures, and established methodologies. Conducts root cause analysis for each event and defines follow-up action items, including recommendations. Coordinates with others to implement recommendations and other countermeasures. A successful candidate in this role strives to enforce information security best practices, policies, standards, and guidance to safeguard proprietary data, physical infrastructure and resources from internal and external threats.

In addition to the above requirements, the Information Security Manager, Incident Response is responsible for helping develop other members of the team, including Jr./Sr. Information Security Analysts/Engineers.


Responsibilities

  • Manage / define incident response processes, procedures, and playbooks.
  • Coordinate tabletop exercises / training.
  • Create incident reports and maintain incident logs.
  • Build / Maintain an incident response toolkit.
  • Research and recommend solutions that meet security standards while ensuring functionality for business continuity.
  • Mentor security engineers/analysts in their professional growth.
  • Assist in development of disaster recovery and contingency plans.
  • Work closely with the Threat and Vulnerability team to develop purple team processes, procedures and exercises.

Qualifications

Education and Experience:

  • BS/BA degree in computer science, information technology or specialized information security technical training.
  • A reputable security certification (GIAC GCIH, E|CIH, IHRP, CSIH/CIHE, CISSP, CISSP w/specialization HCISPP, etc.).
  • An advanced degree is preferred.
  • A minimum of 6 years of progressive Information Security experience.
  • Previous team lead or management experience is required.
  • Threat hunting experience is required.
  • ITIL experience - managing incidents, requests, and changes.
  • Experience in security architecture design is preferred.

Knowledge, Skills and Abilities:

  • Knowledge of Federal and state laws regarding security and privacy of electronic information assets, within the context of the healthcare industry is highly preferred (e.g., HIPAA, Sarbanes-Oxley, etc.).
  • Knowledge of Industry security frameworks (e.g., NIST).
  • Taking initiatives toward personal development such as maintaining skills and obtaining professional certifications (e.g., Information Systems Security Association, Certified Information Systems Security Professional, etc.).
  • Ability to balance the seriousness of protecting electronic information assets with the need to enable users to effectively and efficiently use systems to perform job responsibilities, while continuing to emphasize quality patient care.
  • Strong customer service focus and ability to manage client (e.g., facility) expectations.
  • Excellent oral and written communication skills with the ability to present and discuss technical information in a manner suitable for the audience.
  • Working knowledge of Microsoft Active Directory.
  • In-depth knowledge of various operating systems including Windows and Linux, etc.
  • Ability to analyze all layers of the OSI model from the security stance.
  • Prepare and present plans / designs to IT and business leaders.
  • Knowledge of common and emerging attack vectors, penetration methods, countermeasures, and remediation methods.
  • Familiarity with information security forensics and incident response.
  • In-depth knowledge of networking technologies and architecture.
  • Prioritize tasks effectively to meet project deadlines and deliverables.
  • Excellent problem-solving ability.
  • High degree of self-motivation.
  • Solving complex problems with information technology.
  • Ability to handle stressful situations.
  • Ability to collaborate with IT and business departments to identify, contain, eradicate, and recover.
  • Excellent written and oral communication skills.
  • Competent using the Microsoft Office suite of products.
  • Demonstrates the core values of inquisitive, passionate, positive attitude, and team minded.
  • Ability to mentor / train team members.
  • Must be willing to travel occasionally.
  • Must be willing to respond to security issues 24x7.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

 

Job Summary
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Education
Bachelor's Degree
Required Experience
6+ years