The management of ChristianaCare's Vulnerability Management Lifecyle is critical to the resiliency and stability of the ChristianaCare network and information systems. This position will serve as the key role in ensuring that all activities related to vulnerability management are coordinated and affected in accordance to policies, procedures and the emergent threat landscape. This role will serve as the primary interface between all information technology departments responsible for remediation activities to ensure appropriate alignment and prioritization of functions critical to the vulnerability management program. The role will coordinate the management of vulnerabilities throughout the ChristianaCare information technology enterprise and all associated activities required for remediation of vulnerabilities. This position will ensure remediation owners have the necessary vulnerability information needed to resolve identified vulnerabilities and follow related remediation processes. The coordinator will provide reports and metrics in of support the vulnerability management lifecycle to all stakeholders including analysts, leaders and senior management. The role will also serve as the processing entity for exception management with a dotted reporting relationship to IT senior management for exception approvals or denials. The role will be responsible for the escalation of any deviation from organizational service levels for remediation to IT senior management.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
Serve as primary lead for all efforts related to vulnerability management and tracking of remediation activities. A role critical to the cybersecurity posture of ChristianaCare.
Responsible for the overall management and coordination of the vulnerability management lifecycle process.
Support the design and implementation of a remediation Exception Request process, including workflows, alternate controls recommendations and implementation, documentation requirements, risk assessment and senior management exception approvals processes.
Coordinate with all responsible stakeholders in the vulnerability management lifecycle including all Application and Infrastructure departments, the Program Management Office and all levels of IT Leadership including senior management.
Develop and disseminate regular reporting and metrics on the posture of vulnerabilities and remediation activities throughout the lifecycle and to all IT stakeholders including senior management.
Administer vulnerability response management tools and their efficacy in properly identifying and assigning remediation activities and assignments to affected stakeholders.
Support the CISO and Cybersecurity Team in affecting process improvement and maturity on all vulnerability management lifecycle activities.
Actively participate as a member of a team or department to drive all related activities towards completion.
Coordinate necessary activities to assist in the removal of identified obstacles necessary for the IT departments to reach vulnerability management service levels and goals.
Escalate any deviation from organizational service levels for remediation to IT senior management.
EDUCATION AND EXPERIENCE REQUIREMENTS:
Bachelor's degree or commensurate experience in a discipline related to information technology or cybersecurity.
3+ years of healthcare experience
5+ project/program management
5 years vulnerability management experience: identifying, classifying, prioritizing, remediating, and mitigating.
Experience with vulnerability management tools such as Nessus, Qualys, Splunk, ServiceNow, etc.
Required Licenses, Certifications, and Other Requirements:
CISSP, CEH, CISM, CISA or other industry-relevant cyber-security certifications.
Full Medical, Dental, Vision, Life Insurance, etc.
Two retirement planning offerings, including 403(b) with company contributions
Generous paid time off with annual roll-over and opportunities to cash out
12 week paid parental leave
Incredible Work/Life benefits including annual membership to care.com, access to backup care services for dependents through Care@Work, retirement planning services, financial coaching, fitness and wellness reimbursement, and great discounts through several vendors for hotels, rental cars, theme parks, shows, sporting events, movie tickets and much more!
Whether a position can be supported for remote work will be assessed based on whether ChristianaCare is able to meet the business requirements of the proposed remote location.
ChristianaCare Health System is headquartered in Wilmington, Delaware and is one of the country's largest health care providers, ranking 21st in the nation for hospital admissions. Christiana Care is proudly a Nurse Magnet recognized institution. Christiana Care Health System is also one of the largest health care providers in the mid-Atlantic region, serving all of Delaware and portions of seven counties bordering the state in Pennsylvania, Maryland and New Jersey. A not-for-profit, non-sectarian health system, Christiana Care includes two hospitals with more than 1,100 patient beds, and is a major teaching hospital with two campuses. Christiana Care is continually recognized for excellence on a regional and national level. Our role in the community is expressed in the Christiana Care Way: "We serve our neighbors as respectful, expert, caring partners in their health. We do this by creating innovative, effective, affordable systems of care that our neighbors value."Christiana Care is a great place to work because we value diversity and recognize it to be a core part of our success. Because of the diversity of our employees, affiliated health professionals and volunteers, we are ...positioned to meet the unique needs of our patients and community. We acknowledge and celebrate the uniqueness and talent of each employee. Because of our talented workforce we are able to provide a quality healthcare experience to our patients and community. We strive to create an inclusive environment in which individual diversity can be leveraged and thrive. Christiana Care Health System is an equal opportunity employer, firmly committed to prohibiting discrimination, whose staff is reflective of its community and considers qualified applicants for open positions without regard to race, color, sex, religion, national origin, sexual orientation, genetic information, gender identity or expression, age, veteran status, disability, pregnancy, citizenship status, or any other characteristic protected under applicable federal, state, or local law.