Supervisor Cybersecurity, Data and Applications Security is responsible for providing technical and people leadership for Cybersecurity and Risk Management group. Supervisor is responsible for leading subject matter experts in solution design, engineering, configuration and operational support of enterprise level Cybersecurity solutions for for M Health Fairview. This position reports into Manager of Cybersecurity Operations. Successful candidate will help execute the strategy and operational planning for Security Operations including but not limited to 24x7x365 support for security tools, securing enterprise applications, securing development lifecycle (SecDevOps), application web and mobile access and data security aspects, static and dynamic testing of applications for security vulnerabilities and threats (DAST, SAST) and supporting data encryption and Data Loss Prevention (DLP) solutions. Additional responsibilities may include managing project and operational budgets and serving as a core member supporting Cybersecurity Risk Management groups IT and Security strategies.
Execution of Cybersecurity and IT strategies to enhance security posture of M Health Fairview
Provide technical inputs and oversight in design, architecture, implementation and/or operational support for M Health Fairview
Manage combination of Cybersecurity subject matter experts in engineering, operations and support areas to accomplish team goals.
Provide operational and engineering guidance for security testing web applications, SaaS applications, mobile apps, cloud native applications, API gateway integrations
Oversee efforts to define, deploy and run tools and processes for application static and dynamic testing, executing threat modeling, secure coding and review processes. Coordinate with third party service providers in determining security vulnerabilities, prioritization and remediation aspects in in-house developed or vendor application customizations.
Configure and support Web Application Firewalls and access permissions collaborating with IT Risk and Compliance management counterparts
Support DLP solutions enforcing data security in email, cloud, network and endpoints based on enforced DLP classifications and policies.
Work with operational support leadership to fine tune intake processes for code reviews, code analysis/security testing, reporting and remediation tracking.
Provide technical and process inputs to improve development and coding practices and support
Bachelors degree in Computer Science or Liberal Arts OR equivalent combination of relevant education/experience.
10+ years of experience in engineering, support of IT systems.
5+ years of experience with any of these areas of Cybersecurity Policy and Standards, Compliance, Governance, Risk management, Risk assessments, Security Awareness & Training, Threat & Vulnerability Management, Incident Response, Firewall and Network security, Application Security, Data Security, Identity Management, User Onboarding, Application Onboarding, Access Management, Federation, PKI & Certificate management etc.
Informal or formal leadership experience managing engineers, analysts to accomplish team goals
Demonstrated understanding of security related technologies and practices, including: authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, roles and role based access, birthright provisioning, risk based authentication, cloud access security, secure remote access, and fire walls.
Diverse technical background in enterprise networking, firewall, storage options, server infrastructure, operating systems, database technologies, and desktop operating systems and security.
Excellent abilities to effectively communicate both verbally and written with all levels within the organization
Ability to effectively make use of infographics and other visual aids to explain technical concepts and adjust messaging based on the audience, including non-technical groups
Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills both in-person and remote work environments
Deliver on project commitments under tight deadlines and/or budgetary and other resource constraints
Prior experience deploying and/or supporting static code analysis tools such as Veracode, Fortify etc, vulnerability and threats scanners Qualys/RAPID7, Application security vulnerability tools BURP, App Spider, Checkmarx etc.
Mobile, cloud native web app development or support, security control enforcement through Web App Firewalls and cloud provider equivalent tools.
Bachelors or higher degree in Computer Science, Engineering or associated fields including Information security
Experience working in the healthcare services industry or other highly regulated/compliance-oriented environments.
Support experience with DLP tools network and endpoint DLP
Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes
Industry certifications such as CISSP, CISM, Security+ , TOGAF
Together with the University of Minnesota and University of Minnesota Physicians we have created M Health Fairview. M Health Fairview is the newly expanded collaboration among the University of Minnesota, University of Minnesota Physicians, and Fairview Health Services. The healthcare system combines the best of academic and community medicine — expanding access to world-class, breakthrough care through our 10 hospitals and 60 clinics.
Fairview Health Services (fairview.org) is an award-winning, nonprofit health system providing exceptional care across the full spectrum of health care services. Fairview is one of the most comprehensive and geographically accessible systems in the state, with 10 hospitals—including an academic medical center and long-term care hospital—serving the greater Twin Cities metro area.
Its broad continuum also includes 60 primary care clinics, specialty clinics, senior living communities, retail and specialty pharmacies, pharmacy benefit management services, rehabilitation centers, counseling and home health care services, medical transportation, an integrated provider netwo...rk and health insurer PreferredOne. In partnership with the University of Minnesota, Fairview’s 32,000 employees and 2,400 affiliated providers embrace innovation to drive a healthier future through healing, discovery and education.