CommonSpirit Health Manager, Cybersecurity Engineering Endpoint Protection in ENGLEWOOD, Colorado
CommonSpirit Health is the second largest not-for-profit health care provider in the United States. With 142 hospitals and over 700 care sites across 21 states, CommonSpirit cares for millions of patients each year and employs over 150K people. As a mission-driven health system, CommonSpirit is committed to building healthier communities, advocating for the poor and disenfranchised, and innovating how and where healing can happen—both inside our hospitals and out in the community
The Cybersecurity Engineering Endpoint Protection Manager leads the implementation, and continual improvement of cybersecurity compliance, posture, technologies, and processes while providing input into the strategies CommonSpirit employs overall. Charged with protecting confidential information and maintaining the availability and integrity of data in a complex, large-scale IT ecosystem through strong knowledge of industry trends and current and emerging security risks.
The Cybersecurity Engineering Endpoint Protection team manages a foundational element of CommonSpirit’s overall security strategy by developing, adapting and sustaining a technology platform that protects the confidentiality, integrity and availability of our patients’ and workforce data on the endpoint. The EndPoint manger will continue to evolve this technology platform, assessing new threats that emerge and integrating security controls into digital platforms that CommonSpirit creates to improve patient experience and outcomes. This process will be continual, with many changes being incremental and others more far reaching to maintain the protections our consumers and workforce expect. The Endpoint manger’s scope is across all endpoints including laptops, desktops, servers, and workloads whether they are remote, virtual, physical or cloud based endpoints.
The Endpoint Manager will lead a multifaceted team of cyber security endpoint engineers and analysts who build and configure the security controls which protect CommonSpirit endpoints. The manager, while working with other stakeholders inside and external to the cybersecurity organization, is responsible for identifying risk reduction opportunities that can be enabled through technology, configuring and testing such enhancements to minimize operational disruption and maximize security, and then implementing these enhancements in a way that promotes quality outcomes.
The Endpoint Manager will report directly to the Director of Cybersecurity Solution Engineering. The manager will demonstrate measurable progress on risk reduction and operational availability of security controls within her or his purview.
The Endpoint Manager will lead and inspire a dedicated group of cyber professionals. She or he will build and maintain programs that develop employees with technical and soft-skills, enabling them for growth. The manager is also responsible for setting priorities for the End Point team while listening to employees and stakeholders. They will build security controls for interoperability, availability and efficacy. They will develop and report on measurements that show outcomes across the categories of security risk reduction and engineering quality.
The Endpoint manager will work with peers in the following areas:
End User Computing
Governance, Risk & Compliance
Cyber Fusion Center
Other Cyber Solution Engineering Teams
The Endpoint manager will work with the following stakeholders, usually at the Director level or below, in the course of her or his responsibilities:
End User Computing
Mobile & Digital
Privacy & Compliance
The successful candidate will have demonstrable experience and skills in the following areas:
People/Talent leadership: attracts, hires and builds high-performing teams, empowers people and rewards results; achieves results through clearly articulated goals, discernment, priorities and a belief in the positive intentions of our employees. Takes an active role in developing talent. Builds and enables a highly engaged, high performing team. Strong communicator.
Operational leadership: demonstrates organizational agility and an ability to build a high performance culture which models the willingness, leadership, and courage to challenge the status quo; fosters creativity; problem solves/acts quickly to activate change, innovation and resilience. Delivers a highly stable, robust environment for CommonSpirit and enables our business. Thinks “human first” in operational experiences delivered. Shows discipline of execution and delivery.
Financial leadership: understands the organization’s financial processes. Prepares, justifies and administers her/his budget. Oversees procurement and contracting to achieve desired results. Monitors expenditures and uses cost benefit thinking to (re)set priorities. Focuses on value creation for CommonSpirit Health – this includes IT centric cost management and business results. Drives a fiscal disciplined behavior in her/his organization. Thinks long term and short term while managing finance and value creation.
Technical leadership: demonstrates breadth and depth of professional/technical skills and capabilities required for position; shares knowledge; sets or contributes to the organization's direction within area of expertise. Leads to drive value for CommonSpirit through technology. Influences with fluency on technology related change.
Strategic Leadership: demonstrates the process of using well considered tactics to establish/communicate a vision for an organization or one of its parts. Fluently thinks between needs for today, while planning for the near and far future. Understand the competitive landscape, industry directions. Aligns with CommonSpirit Health IT & Digital strategy, builds their own game plan, communicates and delivers on the strategy.
Lead a team of cyber professionals, helping with their skills development and engagement to create a high performance culture. Manage staffing and attrition. Build a best place to work environment for our employees and contractors.
Participate and lead strategic planning, deployment, and development of information security processes, technologies, and associated program enhancements focused on several key protection efforts within the organization:
Cybersecurity Engineering for the following platforms: Anti-virus, HIPS, Host Firewall, Reputation and Behavior protection, USB security controls, Data at rest encryption, Endpoint Detection and Response, Mobile device security, and workstation administrator security control management
Ensure security controls are in place by the appropriate teams both in Cybersecurity and IT Delivery to ensure that security policies, components, procedures and protocols are being met to protect, detect and respond to ongoing threats
Develop and standardize processes, procedures, and controls to reduce Cybersecurity risk across the organization
Ensure appropriate security metrics are developed, collected, reviewed, and acted upon on a continual basis, including preparing senior-level technical reports for executive management
Oversee team efforts for implementation of key security controls, reporting progress to senior leadership on a consistent basis
Develop and communicate information security goals and programs effectively to senior security leadership and other department leads within Cybersecurity and across appropriate IT functions
Supervise staff including conducting performance evaluations, coordinating training, and implement hiring, discipline, and termination procedures
Maintain an in-depth understanding of evolving security processes, products, controls, and the threat landscape to develop continual improvements to strengthen the security posture of the organization
Develop processes to govern the posture of security controls and response mechanisms within the technical IT environments
Continually improve and measure organizational processes and performance through the lens of both quality and efficiency, returning an increasing amount of value to the organization while supporting the availability and usability of critical technologies. Meet and/or exceed service level objectives.
Coordinate and liaise with various Cybersecurity vendor partners to ensure appropriate security controls are implemented, maintained and enhanced
Collaborate with internal and external auditors and remediate identified risks rapidly and effectively.
Assist with compliance audits and incidence response investigations as necessary
Assess technology performance through the lens of cost, efficacy and usability. Tune technologies to balance security and usability. Retool technologies where necessary.
Bachelor’s degree in related technical/business area
Security Certification (ie. CISSP, CISM, etc) preferred
5+ years of relevant security experience required
1+ years Security leadership experience
May substitute an equivalent combination of education and experience
Strong skills and experience in the following:
Cybersecurity Endpoint Protection Platforms
Cybersecurity Data at Rest Encryption
Cybersecurity Mobile Threat Defense
Problem solving and analytical capabilities
Ability to prioritize workloads and personnel
Written and verbal communication
Influence and negotiation skills
Managing cross-functional, internal, and outsourced teams
Building, leading and sustaining high performing teams
Building and leading strategic programs
Connect With Us!
Not ready to apply, or can't find a relevant opportunity?
to learn more about a career at CommonSpirit Health and experience #humankindness.
CommonSpirit Health™ is an Equal Opportunity employer committed to a diverse and inclusive workforce. All qualified applicants will be considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, parental status, ancestry, veteran status, genetic information, or any other characteristic protected by law.
External hires must pass a post offer, pre-employment background check/drug screen. Qualified applicants with an arrest and/or conviction will be considered for employment in a manner consistent with federal and state laws, as well as applicable local ordinances, ban the box laws, including but not limited to the San Francisco and Los Angeles Fair Chance Ordinances .
If you need a reasonable accommodation for any part of the employment process, please contact us by telephone at (415) 438-5575 and let us know the nature of your request . We will only respond to messages left that involve a request for a reasonable accommodation in the application process. We will accommodate the needs of any qualified candidate who requests a reasonable accommodation under the Americans with Disabilities Act (ADA).
CommonSpirit Health participates in E-verify.
Requisition ID 2020-130960
Employment Type Full Time
Department IT Security
Hours Per Pay Period 80
Facility CHI National Offices
Standard Hours Monday - Friday 8am - 5pm
Work Schedule 8 Hour