Director, Cyber Security Operations

Formed in 2008 and headquartered in Fort Myers, Florida, with offices in Florida, North Carolina, and Texas,Millennium Healthcare is the largest independent physician group in the state of Florida and one of the largestin the United States.

At Millennium Physician Group, our employees are the foundation of our success.

Ourpromise is to provide you with the tools to do your job successfully, as well as providing a team atmospherethat empowers you to seek better ways to deliver care to our patients and their families.

We also promise tocare for you as an individual and help you grow in your role.nThe Director of Cyber Security Operations is responsible for overseeing all aspects of security operationsincluding security technology design, solution implementation, and management of the process, proceduresto ensure consistent security practices.

This role involves leading a team of cyber security managers, architects,engineers, administrators, and incident response to ensure the protection of information systems and data.This role will develop strategies to safeguard against cyber threats, ensure compliance with security policies,and maintain the overall integrity of the organization's cyber security posture.nResponsibilities• Formulate and implement a comprehensive cyber security strategy that aligns with the overarchinggoals and objectives of the organization.• Design, implement, and enhance security strategies that bolster the efficiency of systems and dataassets in compliance with healthcare regulations, including HIPAA and related laws.• Ensure strict compliance with pertinent cyber security regulations, standards, and frameworks,including HIPAA, NIST Cybersecurity Framework (CSF), ISO 27001, Zero Trust architecture principles,and OWASP guidelines.• Plan and oversee the deployment of enterprise-level security solutions, leveraging both internalresources and external service providers to achieve optimal security outcomes.• Assess and integrate advanced cyber security technologies and tools that elevate Mosaic Health'ssecurity capabilities in a rapidly changing threat landscape.• Spearhead the selection and implementation of state-of-the-art cyber security technologies, includingAI-driven security analytics, threat intelligence platforms, and automated incident response systems,to enhance proactive defense mechanisms.• Create and implement robust policies, standards, and procedures grounded in established securityframeworks to strengthen the organization's security posture.• Establish and enforce security standards and best practices across network and system security tosafeguard organizational assets effectively.• Direct the SOC to ensure continuous, 24/7 monitoring and analysis of security events, facilitatingtimely and effective incident response.• Develop and execute proactive threat hunting strategies aimed at identifying and neutralizingpotential threats before they materialize.• Manage the SOC by integrating threat intelligence, prevention and detection engineering, securityoperations, and data security functions, ensuring effective monitoring, detection, and resolution ofsecurity incidents.• Collaborate with cross-functional teams, including IT, development, and business units, to ensure thatsecurity considerations are thoroughly integrated into all organizational processes.• Support the formulation of cyber security policies, procedures, and standards to ensure alignmentwith industry regulations and adherence to security best practices.• Manage vulnerability scans, penetration tests, and security investigations to effectively identify andmitigate threats and risks to the organization.• Lead the cyber security incident response team in the investigation, containment, and resolution ofsecurity incidents to minimize impact and restore operations.• Conduct comprehensive post-incident analyses to evaluate the response to security events,implementing lessons learned to strengthen the overall security posture.• Develop and conduct security tabletop exercises to improve the security response process, ensuringthe team is well-prepared to handle potential incidents effectively.• Establish and track key performance indicators (KPIs) to measure the effectiveness of incidentresponse activities, vulnerability management, threat intelligence, and compliance efforts.• Perform thorough assessments to identify security gaps and vulnerabilities, providing actionablerecommendations for enhancements to the existing security framework.• Prepare and present detailed reports on security status, risks, and recommendations to seniorleadership and relevant stakeholders to facilitate informed decision-making.• Stay abreast of emerging cyber security threats, trends, and technologies, continuously enhancing theorganization's security posture and ensuring resilience against evolving risks.• Provide leadership, mentorship, and professional development opportunities for the cyber securityteam to foster growth and maintain a high level of expertise within the department.• Demonstrate excellent guest service to internal team members and patients.• Perform other related duties as assigned.nQualifications• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field; amaster's degree is preferred.• Certifications: Certified Information Systems Security Professional (CISSP), Certified ProtectionProfessional (CPP), Certified Information Security Manager (CISM), or Certified Information PrivacyProfessional (CIPP) are highly desirable.• 10+ years of comprehensive experience in cybersecurity operations, with at least 5 years in leadershipcapacity.• A proven track record of innovation and driving continuous improvement initiatives withincybersecurity and enterprise environments.• Significant expertise in Security Operations Center (SOC) operations, threat hunting, incidentinvestigation, endpoint protection, security frameworks, managing external Managed Detection andResponse (MDR) partners, cloud security, and strategic planning.• Experience handling cybersecurity insider threats, incident response, and security investigationseffectively.• Strong foundational knowledge of cybersecurity principles, practices, and technologies.• Proficient with various security tools and technologies, including Security Information and EventManagement (SIEM), identity and access management systems, endpoint protection solutions,application security protocols, data security measures, and cloud security environments.• Demonstrated success in managing and leading a team of cybersecurity professionals, fosteringgrowth and collaboration.• Proven experience with identity and access management (IAM), encompassing Multi-FactorAuthentication (MFA) and Single Sign-On (SSO) solutions.• Excellent analytical, problem-solving, and decision-making skills.• Strong communication and interpersonal abilities, enabling effective collaboration with stakeholdersat all organizational levels.• Ability to work independently in a fast-paced, cross-functional environment.nPhysical Demands• Sedentary work.

Exerting up to 10 pounds of force occasionally and/or negligible amount of forcefrequently or constantly to lift, carry, push, pull, or otherwise move objects.

Repetitive motion.Substantial movements (motions) of the wrists, hands, and/or fingers.

The worker must have closevisual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing;viewing a computer terminal; extensive reading.

Ability to lift to 15 lbs.

independently not to exceed50 lbs.

without help.Equal Employment Opportunity• MPG is committed to equal employment opportunities.

We will not discriminate against employees orapplicants for employment in employment opportunities or practices based on race, color, sex(including pregnancy), genetic information, sexual orientation, religion, physical or mental disability,age, military or veteran status, marital status, familial status, national origin, or any other legallyprotected class.• Equal opportunity applies to all areas of the employment relationship, including hiring, promotions,training, terminations, working conditions, pay, and other terms and conditions of employment.• Millennium Physician Group (MPG) is committed to the full inclusion of all qualified individuals.

Inkeeping with our commitment, MPG will take steps to assure that people with disabilities are providedreasonable accommodations.

Accordingly, if reasonable accommodation is required to fullyparticipate in the job application or interview process, to perform the essential functions of theposition, and/or to receive all other benefits and privileges of employment, .

Full Time