
Senior IT Manager of Cybersecurity and Risk Management

American College of Surgeons
life insurance, paid holidays, long term disability, tuition reimbursement, 403(b)
United States, Illinois, Chicago
633 North Saint Clair Street
Feb 01, 2025
Description

About the American College of Surgeons

The American College of Surgeons (ACS) is a professional and educational organization of surgeons that was founded in 1913 to raise the standards of surgical practice and improve the quality of care for surgical patients. The College is dedicated to the ethical and competent practice of surgery. Its achievements have significantly influenced the course of scientific surgery in America and have established it as an important advocate for all surgical patients. The College has more than 90,000 members and is the largest organization of surgeons in the world. For more information, visit www.facs.org.

Summary: The Senior IT Manager of Cybersecurity and Risk Management provides strategic leadership and operational oversight for the organization's cybersecurity infrastructure, ensuring compliance with regulatory standards and mitigating risks. This role designs security architectures, manages incident response, evaluates emerging technologies to enhance security posture, and collaborates with Legal to address policy development and third-party risk management.

This exempt position will report to the Chief Information Officer in the Division of Information Technology. It is based in our Chicago office and is a hybrid role: 3 days per week in the office/2 days per week remote.

The anticipated salary range for this position is $155,000 - $175,000 (commensurate with related skills and experience).

Responsibilities:



  • Strategic Security Leadership: develop and maintain a cybersecurity strategy aligned with organizational goals; serve as a key advisor to leadership on emerging threats and industry best practices; collaborate with executive leadership to ensure compliance with regulatory standards, including PCI DSS and HIPAA; and work closely with Legal to establish and update security policies and procedures.

  • Architectural Design and Implementation: design and implement security architectures for cloud, hybrid, and on-premises environments; evaluate and recommend security tools, frameworks, and technologies; and develop and enforce secure software development practices in collaboration with IT teams.

  • Risk Management and Compliance: conduct risk assessments and develop mitigation plans; oversee incident response plans, including tabletop exercises and simulations; manage audits and certifications for regulatory compliance; lead efforts to achieve and maintain PCI compliance; and assess and manage third-party vendor risks to ensure alignment with security standards.

  • Operational Security Oversight: in conjunction with the security analyst(s), monitor and analyze security alerts, ensuring swift and effective responses; automate threat detection and remediation processes; and establish metrics and dashboards to measure performance and risk exposure.

  • Leadership and Mentorship: mentor junior staff and create training programs focused on cybersecurity awareness; and provide leadership in security governance, aligning teams and processes with policies.

  • Emerging Technologies and Innovation: assess and pilot emerging technologies such as AI-driven security tools; stay ahead of trends and threats by maintaining relationships with industry groups and vendors; and recommend and test innovative solutions to enhance security posture.



Required Education and/or Experience:



  • Bachelor's degree or higher in Computer Science, Information Technology, or related field from an accredited college or university is preferred.

  • Information Systems Security Professional Certification (CISSP) required.

  • At least 5-10+ years of experience in cybersecurity, compliance, and IT risk management is required.

  • Experience with cloud security frameworks and scripting languages (e.g., Python, PowerShell); expertise in cloud platforms (AWS, Azure, Google Cloud); and proficiency with Security Information and Event Management (SIEM) tools required.

  • Strong project management and automation capabilities. Knowledge of Zero Trust Architecture.
  • Self-starter who can work both independently and in a team environment with the ability to lead, mentor, and influence others.



Comprehensive Benefits:
We're committed to attracting and retaining top talent via valuable benefits!



  • Vacation, personal, and sick hours including 13 paid holidays per year
  • Tuition Reimbursement
  • Medical: comprehensive coverage through BlueCross BlueShield
  • Dental, Vision, and Prescription drug program
  • 403(b) Matching Program
  • Pension Plan
  • Flexible Spending Medical/Dependent Care
  • Employee Assistance Program
  • Short Term/Long Term Disability
  • Life Insurance
  • Domestic Partner Coverage


The American College of Surgeons is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please send an e-mail to recruitment@facs.org or call (312) 202-5000 and let us know the nature of your request and your contact information.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)