Information Security Manager - CyberSecurity Operations Center

The Information Security Manager - CyberSecurity Operations Center is responsible to guide execution of all aspects of their team's strategy, delivery of services, maintaining quality, and stakeholder satisfaction. Job duties include assisting division leadership in establishing the strategic direction of work teams or service lines, overseeing the team's design and implementation of new or enhanced processes and tools, and discovery and analysis of business or system information. Also, helps identify and evaluate security and solution implications across multiple Mayo Clinic business areas. Supervises the daily activities of senior analysts and analysts, including helping manage the team's work load across limited resources to meet or beat approved budgets and milestones, putting the goals of department/organization over the achievement of personal goals, and providing challenging and meaningful work assignments that capitalize on team member strengths. Develops and maintains effective relationships with external vendors, auditors, regulators, and/or other business partners, as well as with management across all Mayo sites. Expected to serve as strategic resource and provide awareness of internal and external environment issues and trends, through continuous review/growth of the following knowledge: security aspects of the healthcare industry, technologies, regulations, and business practices in light of rapid technology advances and regulatory reform; industry information security frameworks, best practices, and reporting methods in response to increasing demand for transparency and accountability; and the enterprise's business strategy, information assets, changing technology, and security risks/controls. Responsible to assist with written and/or verbal updates to the Mayo Clinic Security Council, Medical Device Oversight Subcommittee, as well as representation on workgroups, taskforces, or committees, as requested by Senior or Executive Departmental Leadership. Participates in recruitment and provides coaching to other department members to help grow skills and capabilities. Promotes a team spirit and enthusiastic work team, dispelling negativity, maintaining ongoing open dialog, and fostering ideas and talents of others. Travel of 20 to 25% may be required, as work activities warrant.

This is a full time remote position.  Incumbent must live within the United States.  Mayo Clinic will not sponsor or transfer visas for this position including F1 OPT STEM.

This position will accept applications until 5/31/2024.  This deadline may be extended if the necessary candidate pool is not met by this date.

Bachelor’s degree in Information Systems, Computer Science, Accounting, Business Administration, Engineering, or related field is required. Master’s Degree in associated field is preferred. Minimum of 10 years’ experience (or 8 years with relevant Master’s degree) in one or more of the following areas is required: Information Security, Information Technology, project management, business or security informatics, audit and assurance, Enterprise Risk Management, Corporate Compliance, security architecture/design strategy, policy or controls development, compliance readiness assessments (i.e. PCI, SOX, HIPAA, etc.), system analysis and implementation, or related function. Demonstrated experience in leading teams, projects, or providing direction to others.Working knowledge of the Mayo technical environment and core business operations is strongly preferred. Excellent communication and advocacy skills both written and verbal, including a demonstrated ability to generate and deliver executive-level presentations. Must possess interpersonal skills to interact effectively with both technical and non-technical personnel at all levels of the organization, including proven ability to confidently lead discussion and negotiate on high risk and high-pressure issues while simultaneously building credibility and rapport. Demonstrated ability to tolerate and deal effectively with ambiguous situations and the varying political/cultural environments within the institution, department, divisions. Proven ability to offer guidance on business processes, technology capability and vulnerability assessments, and control enhancements or mitigation approaches is required. Solid knowledge of information security concepts and trends, project management methodologies, and relevant healthcare security regulatory requirements is required. Must have one of the following certifications (or equivalent) at time of hire. Associate CISSP, CISSP, CISM, HCISPP, GSEC, OSCP or equivalent.

Why Mayo Clinic
Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans – to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic. You’ll thrive in an environment that supports innovation, is committed to ending racism and supporting diversity, equity and inclusion, and provides the resources you need to succeed.