Cyber Security Manager
What We Do
At Kalderos, we are building unifying technologies that bring transparency, trust, and equity to the entire healthcare community. We are on a mission to solve systemic problems of the healthcare system, redefining how the business of healthcare performs™. We measure our success when we can empower all of healthcare to focus more on improving the health of people.
As pioneers of Drug Discount Management, Kalderos has launched or is in beta testing for four products that will allow Kalderos to expand our solution suite that assists with ensuring drug discount programs work compliantly.
By building a smart infrastructure that ensures the right discount is applied to the right transaction, we have a once-in-a-lifetime opportunity to do something that benefits patients (and is financially rewarding for the team members who help make it happen).
The Position
The Manager of Cyber Security is responsible for managing a team of information security professionals, together with the processes and technologies used to defend and protect Kalderos’s systems and information assets against cyber-attacks and adversaries. This individual will be a subject matter expert in incident response and cybersecurity defense, and will build a team of security professionals to design and execute best-in-class network/systems monitoring, preventative and detective controls, forensics and investigations, vulnerability management, and cyber threat intelligence activities. The role will drive the creation and execution of incident response plans and lead the incident response team through major incidents. The manager will develop and maintain key relationships with external cyber security organizations and federal/state law enforcement and regulatory agencies. The manager is operationally focused on the defense of Kalderos’s network while strategically positioning the organization in preparation for increasing complexity and emerging threats.
What you’ll bring:
- Experience implementing Cyber Security solutions within Cloud environments
- Lead the design and execution of the enterprise security operations processes, procedures, and playbooks
- Oversee and lead security operations in the identification and response to cyber threat activities and incident response
- Lead and manage technology vulnerability identification and remediation/patching of priority vulnerabilities
- Define and maintain the roadmap of program and technology changes being driven by effective threat analysis
- Develop and lead cyber threat intelligence efforts to identify and analyze long-term and short-term cyber threat actor groups, techniques and tactics to inform information security defenses and technology decisions
- Manage team of analysts and subject matter specialists to ensure continued success and growth
- Manage security operations projects, including process improvement and technology investment
- Develop and communicate to peers, business partners, and management aspects of cyber defense, including crisis/incident communications, investigative results and training and awareness of the cyber threat landscape
- Provide management with weekly, monthly, and quarterly metrics for both risk and performance, and measurements of colleague performance
- Manage and maintain relationships with external sources of information security information that can be used to manage our information security & compliance program
Set yourself apart:
- Mastery in understanding the cyber risks, cyber threats and detection and response capabilities associated with operating within a Cloud-native (Azure) environment
- Mastery of incident response methodologies, best practices and routines
- Advanced level of understanding in cyber specialization and several cyber related disciplines to investigate and analyze all response activities related to cyber incidents
- Mastery at directing and coordinating technical response teams to develop quick containment solutions to cyber security incidents
- Expert at identifying various types of events and incidents and applying the right response framework for each (e.g., information mishandling, security vulnerability, system exploit, malware infection)
- Basic to advanced reverse engineering with deep understanding of IOCs, Cyber Kill Chain, and preventive and detective technical controls
- Digital forensics or enterprise investigation experience
- Ability to work effectively with technical and non-technical staff
- In-depth familiarity with workflow tools and ability to develop and improve tools/processes
- Familiarity with industry organizations and individuals that can be leveraged for knowledge sharing and support
- Exceptional verbal and written communication skills, with mastery of the ability to tailor the context of the conversation to the audience
- Experience with socializing awareness campaigns
- Ability to think outside the box and develop solutions to accomplish seemingly impossible tasks, while remaining risk and objective focused
Recommended Certifications:
- CEH - Certified Ethical Hacker
- CISM - Certified Information Security Manager
- LPT - Licensed Penetration Tester
- CISSP - Certified Information Systems Security Professional
- CompTIA Security+
Kalderos is an equal opportunity workplace. We are committed to equal opportunity regardless of race, color, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or veteran status.
Due to the circumstances of the COVID-19 pandemic, Kalderos has decided to protect our current and future employees by shifting to an entirely remote workforce. We will continue to operate, interview, onboard, and work remotely. Please be aware that some of our roles will not be remote long-term and will return to an office setting once we're safe to do so following the guidance of local health authorities and the CDC.