Director Information Security Operations
Listed on 2026-02-28
IT/Tech
Cybersecurity, Security Manager, Network Security
Position Summary
Reporting to the VP, Chief Information Security Officer, the Director of Information Security Operations will lead and mature enterprise-wide cybersecurity operations for one of the largest not-for-profit healthcare systems in the United States.
This role is responsible for overseeing day-to-day security operations while driving continued maturity, automation, and resilience across a hybrid security operations model that includes internal teams and a 24x7x365 outsourced MSSP. The Director will lead a highly visible function focused on threat detection, incident response readiness, SOC performance, and protection of clinical, enterprise, cloud, endpoint, and medical device environments.
The ideal candidate is a hands-on, technically strong leader who can operate calmly during major incidents, build and mentor high-performing teams, and communicate complex security topics clearly to executives and business leaders.
Key Responsibilities
Security Operations Leadership
- Lead and develop an internal Security Operations team of approximately 8 professionals, including multiple people managers.
- Provide strategic and operational oversight of a 24x7x365 outsourced MSSP SOC, including both onshore and offshore components.
- Establish clear accountability for MSSP performance through well‑defined SLAs, KPIs, and continuous service improvement metrics.
- Serve as a senior escalation point for major security incidents and lead coordinated enterprise response efforts.
- Oversee hybrid SOC operations across internal and vendor‑managed environments.
- Ensure comprehensive log ingestion, validation, and monitoring coverage across endpoints, cloud platforms, enterprise systems, and medical devices.
- Lead development and continuous improvement of detection use cases, alert triage processes, and response workflows.
- Drive the creation, testing, and maintenance of playbooks and runbooks aligned to real‑world healthcare threats.
- Ensure incident response readiness through regular tabletop exercises and cross‑functional coordination.
- Own the enterprise Vulnerability Management program from a Security Operations perspective, including vulnerability discovery, prioritization, tracking, and remediation oversight.
- Provide operational oversight for network security monitoring and response, including firewall telemetry, IDS/IPS, network detection and response, and segmentation controls.
- Drive automation initiatives using best‑in‑class SIEM, SOAR, and AI‑enabled security operations technologies.
- Reduce mean time to detect and respond through orchestration, automated containment, and response workflows.
- Continuously mature the security operations program to address emerging threats, evolving attack techniques, and changes in the healthcare threat landscape.
- Provide operational leadership for:
Endpoint Detection and Response and XDR, Email security, Cloud security operations, Desktop security, OT and medical device security, Vulnerability Management, and Network Security.
- Partner with MSSP, infrastructure, and application teams to ensure security telemetry and controls are correctly implemented and monitored.
- Act as a trusted security partner to Legal, Risk, Compliance, Privacy, Internal Audit, and executive leadership.
- Translate technical security risks into clear business and patient safety impacts for non‑technical stakeholders.
- Support regulatory, audit, and compliance activities related to security operations and incident response.
- Engage with vendors and service providers to ensure alignment with organizational security objectives.
- Proven leadership experience in enterprise security operations, including direct management of people managers.
- Demonstrated experience managing both internal SOC teams and outsourced MSSP SOC providers.
- Strong hands‑on experience with modern SIEM, SOAR, EDR, XDR, and email security platforms.
- Deep understanding of incident response, threat detection, and security operations processes.
- Ability to lead during high‑pressure incidents with sound judgment and clear communication.
- Stron…