MANAGER, CYBER RESILIENCE, GOVERNANCE, RISK, AND COMPLIANCE (GRC)
Req #:233194Department:UW MEDICINE IT SERVICESAppointing Department Web Address:Job Location: Remote/Hybrid, Seattle - Downtown
Job Location Detail:Primary work location may be fully remote within the US or at the Safeco Plaza Building on the corner of 4th and Madison in downtown Seattle.Posting Date:04/10/2024 Closing Info:
Closes On 04/17/2024Salary:$12,084 - 15,417 per month Other Compensation:Limited Recruitment: Open to Department employees only
If you are a UW employee and would like to be considered for this position, please login to your UW employee profile to apply.
Shift:First Shift
Benefits:
As an employee you will enjoy generous benefits and work/life programs. For detailed information on Benefits for this position, click here.UW MEDICINE IT SERVICES has an outstanding job opportunity for a MANAGER, CYBER RESILIENCE, GOVERNANCE, RISK, AND COMPLIANCE (GRC) position.
PLEASE NOTE: This position is open to current UW Medicine IT Services Employees only.WORK SCHEDULE100% FTE 40 hours per week
Day Shift UW MEDICINE ITS SERVICES CORE HOURS ARE 07:00 16:00 (PST), Monday-FridayPOSITION HIGHLIGHTSLead technical incident response for internal and external reports of information security events.
Provide forensic incident response services for all of UW Medicine and partner entities.
Facilitate enterprise compliance requirements through collaborative governance and consulting activites.
Address specific assurance, risk management, and related compliance issues, including management of enterprise policy/standards, information security risk assessments, and audits.
Grow and mentor a diverse team of professionals through responsible hiring, management, and development activities.
Manage 3rd party relationships and maintain an operational budget for information security vendors, tools, and services.
Manage, report on, and proactively mature a portfolio to include vulnerability management, threat assesment and management, awareness and training, governance, risk management, and incident response/forensics.
Optimize new and existing resource opportunities for building and sustaining effective information security activities, including establishing and maintaining partnerships with key professionals.DEPARTMENT DESCRIPTIONUW Medicine IT Services (ITS) is a shared services organization that supports all of UW Medicine. UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake Campus (UWMC-Montlake), UW Medical Center-Northwest Campus (UWMC-NW), Valley Medical Center (VMC), UW Neighborhood Clinics (UWNC), UW Physicians (UWP), UW School of Medicine (SOM), and Airlift Northwest (ALNW). In addition, UW Medicine shares in the ownership and governance of Children's University Medical Group and Seattle Cancer Care Alliance (a partnership between UW Medicine, Fred Hutchinson Cancer Research, and Seattle Children's). ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission.
PRIMARY JOB RESPONSIBILITIESYou implement, manage, and mature the information security program and service portfolio in accordance with UW Medicine's information risk and asset protection needs, including risk management, governance, threat management, vulnerability management, awareness and training, and incident response.
You direct information security projects, balancing internal and external dependencies and timelines to meet objectives.
You manage the remediation process, create reports, and provide oversight of IT Services efforts to address and mitigate risks.
You participate in groups and committees to represent risk and security both as an enterprise shared service and critical partner for other enterprise initiatives.
You serve as a liaison for healthcare IT risk and security with UW campuses, UW Medicine business stakeholders, research affiliates, Privacy, Compliance, and Audit groups.
You act as an expert resource for engineers and analysts working on complex technical issues spanning all ITS technologies.
You lead, organize, and motivate multiple teams of information security professionals, including Leads, Cybersecurity Engineers and Analysts (8-10 staff), matrix resources, and student workers.
You instill UW Medicine and ITS vision and guiding principles to all staff; implement mission-oriented HR practices.
You facilitate development, publication, and maintenance of UW Medicine information security standards and policies.
You manage operational, capital, and project budgets including FTE, software licensing, vendor contracts, and other expenditures.REQUIRED QUALIFICATIONSBachelor's degree in Computer Science, Information Technology, Business Administration, or related field or equivalent education and/or experience.
Current security certification (e.g., CISSP, GIAC, CISM, CISA, CEH) or if not currently certified, completion of certification within 1 year of employment in the role.
8
years of overall experience to include the below.
8
years' progressive technology, security, and professional services experience to include several of the following: incident response, risk management, threat management, vulnerability management, governance, audit, and computer forensics.
4
years' experience managing, coaching, and developing high performing teams of security professionals in complex environments to meet operations, enterprise, and strategic objectives.
Demonstrated management and leadership capabilities with proven ability to influence in matrix environment.
Proven ability to make administrative/procedural decisions and provide guidance and leadership to staff. Extensive experience conducting investigations and managing large information security incidents.
Expert understanding of information security threat modeling and vulnerabilities in large scale business technology environments.
Extensive experience and background with on-premises and cloud technology, operating systems, and applications, preferably including clinical and healthcare solutions.
Extensive experience with project and program management in technical environments with diverse stakeholder groups.
Expert experience conducting information security risk assessment, control analysis, and vulnerability assessments.CONDITIONS OF EMPLOYMENTThis is an Information Technology deadline-driven work environment.
The individual in this position is expected to work normal daytime hours. The work may be performed in either an office environment or by telecommuting with manager approval, during normal business hours; however, significant off-hours and weekends may be needed to resolve problems and respond to emergencies. This individual is expected to be available for emergencies (business continuity/disaster recovery efforts) on a 24x7 basis as needed.
Must coordinate projects without direct supervisory authority.
Must work within the constraints of multiple technical environments.
The individual in this position must learn many organizational structures and cultures and continually foster collaboration.
Ability to communicate effectively in English, both verbally and in writing.ABOUT UW MEDICINE - A HIGHER DEGREE OF HEALTHCAREUW Medicine is Washington's only health system that includes a top-rated medical school and an internationally recognized research center. UW Medicine's mission is to improve the health of the public by advancing medical knowledge, providing outstanding primary and specialty care to the people of the region, and preparing tomorrow's physicians, scientists, and other health professionals.
All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student, and colleague is valued and honored. Nearly 29,000 healthcare professionals, researchers, and educators work in the UW Medicine family of organizations that includes: Harborview Medical Center, UW Medical Center - Montlake, UW Medical Center - Northwest, Valley Medical Center, UW Medicine Primary Care, UW Physicians, UW School of Medicine, and Airlift Northwest.
Become part of our team. Join our mission to make life healthier for everyone in our community. #monsterCommitted to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.The University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disabled status, or genetic information.To request disability accommodation in the application process, contact the Disability Services Office at 206-543-6450 or dso@uw.edu.Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law. Open to Department employees only
If you are a UW employee and would like to be considered for this position, please login to your UW employee profile to apply.Estimated Salary: $20 to $28 per hour based on qualifications.
Job Location Detail:Primary work location may be fully remote within the US or at the Safeco Plaza Building on the corner of 4th and Madison in downtown Seattle.Posting Date:04/10/2024 Closing Info:
Closes On 04/17/2024Salary:$12,084 - 15,417 per month Other Compensation:Limited Recruitment: Open to Department employees only
If you are a UW employee and would like to be considered for this position, please login to your UW employee profile to apply.
Shift:First Shift
Benefits:
As an employee you will enjoy generous benefits and work/life programs. For detailed information on Benefits for this position, click here.UW MEDICINE IT SERVICES has an outstanding job opportunity for a MANAGER, CYBER RESILIENCE, GOVERNANCE, RISK, AND COMPLIANCE (GRC) position.
PLEASE NOTE: This position is open to current UW Medicine IT Services Employees only.WORK SCHEDULE100% FTE 40 hours per week
Day Shift UW MEDICINE ITS SERVICES CORE HOURS ARE 07:00 16:00 (PST), Monday-FridayPOSITION HIGHLIGHTSLead technical incident response for internal and external reports of information security events.
Provide forensic incident response services for all of UW Medicine and partner entities.
Facilitate enterprise compliance requirements through collaborative governance and consulting activites.
Address specific assurance, risk management, and related compliance issues, including management of enterprise policy/standards, information security risk assessments, and audits.
Grow and mentor a diverse team of professionals through responsible hiring, management, and development activities.
Manage 3rd party relationships and maintain an operational budget for information security vendors, tools, and services.
Manage, report on, and proactively mature a portfolio to include vulnerability management, threat assesment and management, awareness and training, governance, risk management, and incident response/forensics.
Optimize new and existing resource opportunities for building and sustaining effective information security activities, including establishing and maintaining partnerships with key professionals.DEPARTMENT DESCRIPTIONUW Medicine IT Services (ITS) is a shared services organization that supports all of UW Medicine. UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake Campus (UWMC-Montlake), UW Medical Center-Northwest Campus (UWMC-NW), Valley Medical Center (VMC), UW Neighborhood Clinics (UWNC), UW Physicians (UWP), UW School of Medicine (SOM), and Airlift Northwest (ALNW). In addition, UW Medicine shares in the ownership and governance of Children's University Medical Group and Seattle Cancer Care Alliance (a partnership between UW Medicine, Fred Hutchinson Cancer Research, and Seattle Children's). ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission.
PRIMARY JOB RESPONSIBILITIESYou implement, manage, and mature the information security program and service portfolio in accordance with UW Medicine's information risk and asset protection needs, including risk management, governance, threat management, vulnerability management, awareness and training, and incident response.
You direct information security projects, balancing internal and external dependencies and timelines to meet objectives.
You manage the remediation process, create reports, and provide oversight of IT Services efforts to address and mitigate risks.
You participate in groups and committees to represent risk and security both as an enterprise shared service and critical partner for other enterprise initiatives.
You serve as a liaison for healthcare IT risk and security with UW campuses, UW Medicine business stakeholders, research affiliates, Privacy, Compliance, and Audit groups.
You act as an expert resource for engineers and analysts working on complex technical issues spanning all ITS technologies.
You lead, organize, and motivate multiple teams of information security professionals, including Leads, Cybersecurity Engineers and Analysts (8-10 staff), matrix resources, and student workers.
You instill UW Medicine and ITS vision and guiding principles to all staff; implement mission-oriented HR practices.
You facilitate development, publication, and maintenance of UW Medicine information security standards and policies.
You manage operational, capital, and project budgets including FTE, software licensing, vendor contracts, and other expenditures.REQUIRED QUALIFICATIONSBachelor's degree in Computer Science, Information Technology, Business Administration, or related field or equivalent education and/or experience.
Current security certification (e.g., CISSP, GIAC, CISM, CISA, CEH) or if not currently certified, completion of certification within 1 year of employment in the role.
8
years of overall experience to include the below.
8
years' progressive technology, security, and professional services experience to include several of the following: incident response, risk management, threat management, vulnerability management, governance, audit, and computer forensics.
4
years' experience managing, coaching, and developing high performing teams of security professionals in complex environments to meet operations, enterprise, and strategic objectives.
Demonstrated management and leadership capabilities with proven ability to influence in matrix environment.
Proven ability to make administrative/procedural decisions and provide guidance and leadership to staff. Extensive experience conducting investigations and managing large information security incidents.
Expert understanding of information security threat modeling and vulnerabilities in large scale business technology environments.
Extensive experience and background with on-premises and cloud technology, operating systems, and applications, preferably including clinical and healthcare solutions.
Extensive experience with project and program management in technical environments with diverse stakeholder groups.
Expert experience conducting information security risk assessment, control analysis, and vulnerability assessments.CONDITIONS OF EMPLOYMENTThis is an Information Technology deadline-driven work environment.
The individual in this position is expected to work normal daytime hours. The work may be performed in either an office environment or by telecommuting with manager approval, during normal business hours; however, significant off-hours and weekends may be needed to resolve problems and respond to emergencies. This individual is expected to be available for emergencies (business continuity/disaster recovery efforts) on a 24x7 basis as needed.
Must coordinate projects without direct supervisory authority.
Must work within the constraints of multiple technical environments.
The individual in this position must learn many organizational structures and cultures and continually foster collaboration.
Ability to communicate effectively in English, both verbally and in writing.ABOUT UW MEDICINE - A HIGHER DEGREE OF HEALTHCAREUW Medicine is Washington's only health system that includes a top-rated medical school and an internationally recognized research center. UW Medicine's mission is to improve the health of the public by advancing medical knowledge, providing outstanding primary and specialty care to the people of the region, and preparing tomorrow's physicians, scientists, and other health professionals.
All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student, and colleague is valued and honored. Nearly 29,000 healthcare professionals, researchers, and educators work in the UW Medicine family of organizations that includes: Harborview Medical Center, UW Medical Center - Montlake, UW Medical Center - Northwest, Valley Medical Center, UW Medicine Primary Care, UW Physicians, UW School of Medicine, and Airlift Northwest.
Become part of our team. Join our mission to make life healthier for everyone in our community. #monsterCommitted to attracting and retaining a diverse staff, the University of Washington will honor your experiences, perspectives and unique identity. Together, our community strives to create and maintain working and learning environments that are inclusive, equitable and welcoming.The University of Washington is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disabled status, or genetic information.To request disability accommodation in the application process, contact the Disability Services Office at 206-543-6450 or dso@uw.edu.Applicants considered for this position will be required to disclose if they are the subject of any substantiated findings or current investigations related to sexual misconduct at their current employment and past employment. Disclosure is required under Washington state law. Open to Department employees only
If you are a UW employee and would like to be considered for this position, please login to your UW employee profile to apply.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
