Job Description
Responsibilities:
Incident Response Leadership:
- Lead the detection, triage, investigation, containment, and remediation of cybersecurity and privacy-related incidents.
- Serve as the central coordinator for major incidents involving PHI/PII exposure, ransomware, insider threats, or unauthorized access.
- Use the security technology suite, including SIEM, DLP, and EDR, for threat detection, analytics, and taking action.
Breach & Regulatory Compliance:
- Maintain documentation for incident timelines, decisions, and mitigation activities in ServiceNow.
Tooling, Playbooks & Workflow Automation:
- Improve playbooks for recurring incidents for pragmatic risk management and remediation.
- Leverage ServiceNow to manage incident workflows, escalation paths, SLA tracking, evidence handling, and audit trail documentation.
- Integrate threat intelligence feeds and automated alerts into both platforms to accelerate detection and containment.
Threat Intelligence & Continuous Improvement:
- Structure threat intelligence and threat hunting activities into incident response workflows to enhance detection capabilities.
- Identify trends and lessons learned to continuously mature the incident management framework and reduce mean time to detect/respond.
- Collaborate with the Threat Intelligence team to assess potential indicators of compromise (IOCs) and emerging attack vectors.
Metrics, Root Cause Analysis & Reporting:
- Track incident response metrics and generate regular reports and dashboards for leadership, compliance, and audit stakeholders.
- Conduct root cause analysis and lead post-incident review meetings, documenting lessons learned and recommending improvements.
- Drive continuous improvement of the incident response program, including integration of new use cases and remediation actions.
Stakeholder Communication & Training:
- Develop internal training for operational teams to improve breach recognition and response preparedness.
- Participate in tabletop exercises and readiness testing with business units and leadership.
Qualification:
- Bachelor’s degree in Technology, Cybersecurity, Information Systems, Risk Management, or a related field. Master’s preferred.
Experience, Skills & Knowledge:
- 7–9 years of experience in cybersecurity and privacy incident response, preferably in a regulated environment (e.g., healthcare, finance, SaaS).
- Strong understanding of HIPAA, HITECH, GDPR, CCPA, and state/federal breach notification laws.
- Experience managing incidents using SIEM and ticketing management systems such as Microsoft Sentinel and ServiceNow.
- Familiarity with EDR, DLP tools, data flow mapping, forensic investigation, and threat intelligence integration.
Key Competency Profile:
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests.
Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package.