If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position using the Career worklet, please review this tip sheet.
*REMOTE*
The University of Miami Health System, "UHealth", Information Technology Department has an exciting opportunity for a full-time IT Security Incident Response Leader.
The IT Security Incident Response Leader will lead the proactive incident detection, response, and recovery efforts. This individual will be responsible for developing and implementing incident response strategies, managing a team of cybersecurity professionals, and ensuring compliance with industry standards, regulations, and following industry best practices to optimize incident response processes and enhance the organization's security posture. The incumbent will also drive continuous improvement through incident analysis, threat hunting, and incident simulation exercises. The ideal candidate possesses strong leadership, communication, and technical skills, with a deep understanding of cybersecurity frameworks and emerging threats.
Core Responsibilities
Supervises the performance management of all assigned staff including making decisions as they pertain to hiring, training, evaluation, promotion, and termination.
Manages daily operations and directs staff to achieve departmental goals and objectives.
Acts as liaison between industry peers, government agencies (including law enforcement), and other specialists.
Utilizes commercial intelligence providers to gain insight into adversary tactics, techniques, and procedures, as well as planned activities and emerging threats.
Coordinates with Security Operations to identify and assess security incidents.
Advises IT Leadership of significant emerging threats and recommends both strategic and tactical steps to counteract these threats.
Establishes departmental goals and objectives, identifies areas of improvement, and implements action plans to meet these.
Develops and delivers tabletop preparedness exercises on an annual basis.
Leads quarterly reviews of the incident response plan to ensure accuracy in accordance with organizational and infrastructure changes.
Attends professional meetings, workshops, conferences, and seminars to keep abreast of technological market advancements.
Establishes and continuously assesses the effectiveness of the internal controls within the unit and compliance with University policies and procedures. Ensures employees are trained on controls within the function and on University policy and procedures.
Department Specific Functions
Develops and maintains the security incident response process, including all required supporting materials.
Develops functional requirements for roles that will be involved in the CSIRT program.
Works with business units, IT functions and external providers to ensure that the process is mutually understood and agreed on, and that responsibilities are clear and accepted.
Acts as a liaison throughout the entire organization (including, but not limited to, enterprise IT services, lines of business, public relations, legal counsel, and customer call centers).
Initiates the security incident response process and executes decision authority to the extent of the role within that process.
Ensures execution of the incident response process to the resolution of the incident.
Ensures generation, maintenance, and protection of required incident records, such as investigator journals.
Organizes, participates in and, if required, chair post-incident reviews for presentation to the senior management.
Ensures the delivery of threat intelligence collected from incident engagements to threat intelligence teams and content creators for the purpose of operationalizing.
Provides specialized security support for other events that fall outside the security incident realm, such as fraud attempts based on electronic channels or high-impact outages due to reasons other than security.
Organizes the day-to-day management of the CSIRT, including staffing, employee development, budgeting and other relevant management functions.
This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities as necessary.
CORE QUALIFICATIONS:
Bachelor's degree in relevant field
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
GIAC Certified GIAC Forensic Analyst
CERT Incident Response Process Professional Certificate
Security +
Certified Ethical Hacker
Cloud Security certification
Minimum 7 years of relevant experience
Security incident management processes and tools.
Security risk assessment process.
Security forensic techniques, tools and procedures for on-premises and cloud environments.
Threat intelligence management lifecycle.
IT end-to-end problem management and root cause analysis is desirable.
Strong communication skills with a proven ability to understand key concepts and communicate with technical staff, lines of business and senior management.
Proven ability to build relationships and influence individuals at all levels in a matrixed environment, as well as external vendors and service providers, to ensure that segregation and overlapping roles are identified and coordinated.
Strong organizational skills and the ability to perform in a command-and-control role under pressure, and the ability to manage multiple priorities with competing demands for resources.
Ability to consume and synthesize intelligence about actors, techniques or situations to identify emerging risk scenarios.
Strong analytical and problem-solving skills.
Proficiency in process formulation and improvement.
Proficiency working in a fast-paced, complex, dynamic, multicultural business environment.
Any relevant education, certifications and/or work experience may be considered.
#LI-AS1
The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more.
UHealth-University of Miami Health System, South Florida's only university-based health system, provides leading-edge patient care powered by the ground breaking research and medical education at the Miller School of Medicine. As an academic medical center, we are proud to serve South Florida, Latin America and the Caribbean. Our physicians represent more than 100 specialties and sub-specialties, and have more than one million patient encounters each year. Our tradition of excellence has earned worldwide recognition for outstanding teaching, research and patient care. We're the challenge you've been looking for.
The University of Miami is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities are encouraged to apply. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Click here for additional information.