Manager | Information Security Operations

Schedule Weekly Hours:

We are seeking an experienced Information Security Operations Manager to join our team!

What You'll Do:

• Lead, architect and deploy security tools to support alignment with relevant regulatory controls.

• Define, implement and continuously improve processes and procedures for information systems and asset protection.

• Perform and lead technical investigations of information security related incidents

• Participate in cross functional teams to guide and support information security initiatives and to reduce risk to the organization

• Subject matter expert on information security domains such as Identity and Access Management, Endpoint Security, Network Security, Application Security and Data Protection and Privacy

• Mentor information security team to develop subject matter expertise and attain learning goals

• Collaborate with ITDS leadership to develop, coordinate, and manage information security related project work

• Stay up to date on emerging threats and technologies

• Communicate information security goals and strategies to various audiences

What's Available:

• 1.0 FTE

• Location: Onsite- Onalaska, WI Support Services Building

What You'll Need:

• Bachelor's degree in computer science, cybersecurity, information technology, or a related field

• 3-5+ years of experience in an Information Technology field

• Excellent analytical and problem-solving skills

• Strong communication skills

What You'll Get:

• Competitive Benefits: We offer a comprehensive package including medical, dental, pet insurance, and a generous retirement contribution.

• Work-Life Balance: We prioritize your well-being with a 24/7 Employee Assistance Program, generous PTO, and paid holidays.

• Health & Wellness:Relax and recharge in our Zen Room with massage chairs, or take advantage of our corporate gym, yoga classes, and local gym discounts.

• Professional Development: Invest in your future with our Tuition Invest Program (up to $3,000 per year), access to hundreds of internal courses, and our Career Development Center.

• Diversity, Equity & Inclusion:We foster a welcoming environment with an inclusive celebration program, Unconscious Bias Training, and Patient Care resources.

If you are looking to be a part of a stable and growing mission-driven organization, this may be the right opportunity for you!

The Manager of Information Security Operations oversees the system's enterprise-wide program including, but not limited to, daily operations of the information security operations team, development, implementation, and maintenance of platforms and procedures in compliance with the appropriate industry requirements and in accordance with NIST cybersecurity framework. The manager of information security operations manages the development, deployment and execution of controls and defenses to ensure security and risk mitigation for the system's security strategy and infrastructure technology to ensure continuous improvement. Works with the leaders of ITDS to plan, organize, develop, and maintain information security requirements.The manager of information security operations reports to and prioritizes security efforts with the Director of Information Security Operations and the VP of Information Security and Risk Management.

STRATEGIC RELEVANCE -- SUMMARY

To advance its position as an innovator and leading health care system, Gundersen Health System (GHS) must continue to demonstrate superior outcomes, provide seamless delivery of care, and ensure competitive cost structures. It must also stay at the cutting edge of emerging technologies and new delivery models that will transform healthcare. The System must anticipate and respond effectively to evolving market and environmental trends, (e.g., shifts in payment models, value-based purchasing, transparency of outcomes and information technology) that will impact the delivery of health care services.

The Manager is responsible for understanding the impact of these forces and trends and for managing the effective response from their AOR (area-of-responsibility). The Manager collaborates with others to achieve GHS' strategic mission and goals: 1) demonstrate superior quality and safety through the eyes of patients and caregivers; 2) demonstrate superior service through the eyes of patients and colleagues; 3) attract, develop and retain a talented and engaged workforce; 4) demonstrate affordability of care; and 5) achieve programmatic growth. The Manager translates System strategy into staff commitment, action, and accomplishment in their AOR.

POSITION DUTIES AND RESPONSIBILITIES

The Manager is specifically responsible for:

1.0 Organizational Strategy and Implementation -- Understanding market trends and the impact on their AOR, contributing to AOR strategic and operational plans, translating these plans, and ensuring the understanding, alignment and commitment of AOR staff.

2.0 Fiscal Management -- Effectively using established processes to ensure accountability for effective operations and resource management.

3.0 Human Resource Management -- Effectively using established processes to: select, align, engage, develop, manage, and retain a team of highly skilled staff.

4.0 Excellence in Service and Clinical Quality -- Achieving seamless delivery of quality patient care and safety, excellence in patient experience and customer service.

5.0 Organizational Leadership -- Providing leadership and accomplishing objectives by ensuring the integration of processes and initiatives while modeling collaboration.

KEY ACCOUNTABILITIES

Organizational Strategy and Implementation

1.1 Collaborates with Division/Team leadership to understand external market financial, economic, and industry data, identifying market opportunities and threats.

1.2 Provides leadership and actively contributes to the design and implementation of clinically and fiscally responsive program goals and objectives for their AOR.

1.3 Formulates recommendations for AOR continuous improvement taking into account market demands, regulatory standards, and changes in clinical practice.

1.4 Establishes clear performance standards for their AOR, and monitors established management systems to ensure that cost effectiveness and continuous quality improvement forms the basis for all activities.

1.5 Collaborates with management to ensure that resources are prioritized and in place (i.e., staff, facilities, equipment, supplies, technology, data, and processes, etc.) and properly utilized to achieve AOR objectives through the most effective and efficient operations.

1.6 Contributes to the development of and implementation of processes to collect relevant clinical and financial indicator data which serves as a reliable proxy for clinical effectiveness, cost, and quality.

1.7 In conjunction with AOR leadership, designs and implements improvement of AOR key processes, leading to elimination of variability in cost and quality.

Fiscal Management

2.1 Manages AOR to meet fiscal targets, ensuring the delivery of cost-effective, quality services.

2.2 Participates in financial forecasting and planning along with other members of the AOR management team.

2.3 Develops and presents comprehensive analysis for financial and programmatic recommendations for AOR management.

2.4 Communicates the rationale for financial decisions ensuring a high level of understanding among staff and clinicians.

2.5 Evaluates AOR for potential cost-effective change and manages the implementation of approved changes.

2.6 Ensures staff compliance, and monitors physician compliance, as appropriate, with financial decisions.

Human Resources Management

3.1 Provides vision and leadership to staff in a collaborative environment that offers job satisfaction, performance recognition, and stimulates innovative thinking to accomplish objectives.

3.2 Ensures that AOR management, staff and clinicians understand their roles in accomplishing GHS, Team/Division, and AOR strategic objectives. Establishes expectations for high level of performance and holds individuals accountable for achieving them.

3.3 In collaboration with other AOR leadership and the Human Resources Department, ensures the efficacy of systems/processes to recruit, retain, and develop a high-performance team that meets patient, regulatory, and fiscal requirements for their AOR.

3.4 In conjunction with Team/Division leadership, ensures staff productivity by maximizing staffing efficiency and workflow patterns as well as monitoring and controlling turnover.

3.5 Implements and actively supports the integration of change and conflict management.

3.6 Creates a climate that ensures respect, teamwork, open communication, and professional recognition among a diverse workforce.

Excellence in Service and Clinical Quality

4.1 Ensures the implementation of service, quality and safety standards consistent with System policy for patient experience and internal and external customers in collaboration with AOR leadership.

4.2 Identifies and analyzes trends across services in customer satisfaction and patient experience, clinical quality outcomes, patient safety and cost using data systematically to develop solutions and guide change in AOR practices.

4.3 Models and ensures that AOR staff effectively uphold a customer service orientation to meet legitimate needs of patients and internal and external customers.

4.4 Ensures that confidentiality of patient, staff, and appropriate management data is maintained, and delivers immediate and certain consequences when confidentiality is compromised.

5.0 Organizational Leadership

5.1 Promotes the organization to all constituencies by interpreting and communicating GHS' mission and values, acting as a loyal, supportive, and informed spokesperson for AOR, Team/Division and the System.

5.2 Collaborates with other internal professionals to identify, reduce, and eliminate barriers within the system which may negatively impact cost and quality of services.

5.3 In the spirit of collaboration, promotes the visibility of AOR leadership throughout the organization.

5.4 Takes responsibility for providing a positive learning environment for students, interns, and residents working within their AOR, collaborating with academic programs, while ensuring patient safety.

5.5 Takes responsibility for identifying areas for self-development and actively seeks opportunities and resources to meet developmental objectives.

KEY INTERFACES

The Manager interacts primarily with the following external interfaces:

• Patients
• Families

The Manager interacts secondarily with the following external interfaces:

• Payers* scope dependent
• Vendors/Suppliers* scope dependent
• Educational and Regulatory Organizations
• Charitable Organizations
• General Public
• Non-GHS clinicians, hospitals, and facilities

The Manager interacts primarily with the following internal interfaces:

• AOR staff
• Other Team and Functional Managers
• Directors
• Clinicians

The Manager interacts secondarily with the following internal interfaces:

• Other Functional Directors and Managers
• Other System Staff

DECISION MAKING AUTHORITY & RESPONSIBILITY

The Manager has the authority to formulate and execute AOR vision, objectives, and strategies consistent with the System's mission, vision and goals. This person determines which resources are needed and facilitates the acquisition of additional resources where indicated.

The Manager has the responsibility to advocate change in AOR processes and systems to ensure optimal, cost effective health care delivery. This individual facilitates the resolution of clinical, staff, and policy issues within agreed upon organizational, financial and regulatory limits. The Manager oversees the enforcement of policy, as well as makes recommendations for changes to AOR staff and leadership. The Manager coaches, monitors, and documents staff performance, makes recommendations for compensation strategy and promotion, and supports the physician recruitment process for their AOR.

The Manager represents Gundersen Health System and their AOR within the System and in the external community.

Education and Learning:

REQUIRED

Bachelor's degree in computer science, cybersecurity, information technology, or a related field. Candidates with an Associate's degree in a related field will be required to complete their bachelor's degree within 3 years of hire.

DESIRED

Bachelor's degree in cybersecurity, information technology.

Work Experience:

REQUIRED

Minimum of 5 years related work experience in an Information Technology field.

Minimum of 3 years related work experience with information security systems

DESIRED

Understanding of operating system fundamentals, networking, security technologies (firewall, intrusion detection,)

Experience with the NIST Cybersecurity framework, HIPAA, HiTrust and other regulations governing the collection, storage and use of ePHI.

Knowledge of security concepts and methodologies such as vulnerability and privacy assessments, intrusion detection, security policy creation and incident response.

Strong project management and time management skills with the proven ability to meet deadlines and managing an agile team.

License and Certifications:

REQUIRED

N/A

DESIRED

Information security certifications highly desirable (for example, CISSP)

Age Specific Population:

N/A

Osha Category:

Category 3 - Employees in this job title have no reasonably anticipated risk of occupational exposure to blood and/or other potentially infectious materials.

Environmental Conditions:

Not substantially exposed to adverse environmental conditions (as in typical office work)

Physical Requirements/Demands of The Position:

Sitting Approximately 8 hours in a day

If you need assistance with any portion of the application or have questions about the position, please contact HR-Recruitment@gundersenhealth.org or call 608-775-0267

Equal Opportunity Employer