Senior Manager Information Security

Your north star: build and oversee a team of information security experts dedicated to protecting Children's National and our patients, families, and staff.

Position summary
The Senior Manager will be responsible for the security of CNH information systems, including medical devices. They will oversee a holistic program in collaboration with stakeholders that recognizes the critical role that information systems play in care delivery, research, and hospital operations. The incumbent will be responsible for leading a team that works to reduce vulnerabilities across medical devices. We are seeking a dynamic leader who excels at inspiring others through compelling communication and storytelling. They are a doer who is equally comfortable managing direct reports, overseeing partners, influencing colleagues, and rolling up their sleeves and executing.

Minimum Education
Bachelor's Degree Bachelor's degree in education, psychology, social science, or another relevant discipline (Required)
Master's Degree (Preferred)

Minimum Work Experience
7+ years of experience in information security and 3+ years in a management role (Required).
3+ years in information security operations and 3+ years in health care (particularly medical device engineering, operations, or maintenance) (Preferred).

Required Skills/Knowledge
Outstanding capability to collaborate with diverse stakeholders across all functional roles and technical capabilities
Experience leading some or all of information security program
Deep and broad knowledge of relevant standards and best practices in vulnerability management and remediation across traditional IT systems, IoT, MIoT, and medical devices
Experience designing and implementing the full life cycle of medical device ownership
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
Background in feature and benefit cost analysis
Familiarity with relevant standards and best practices, including: AAMI TIR57, HiTech, HIPAA, and the CSF

Functional Accountabilities
Core areas of responsibility that fall under this role include:
Providing leadership in defining, prioritizing and delivering initiatives associated with the information security program

• Advising and assisting medical device stakeholders in operationalizing and adhering to connected device security requirements

• Managing, mentoring, supporting, and empowering information security operations staff to excel in their job performance and career objectives

• Overseeing the development, maintenance and execution a multi-year enterprise-wide security road map to protect connected medical devices and associated data

• Providing input and support to connected medical device product and support teams throughout the connected device life-cycle from concept to decommissioning