We are looking for a highly motivated Information Security Manager to lead our team in governance, security monitoring, risk management, forensics and incident response.

Reports to the VP, Chief Information Security Officer. This position develops and performs information technology risk and security assessments to ensure the protection of Community Medical Centers (CMC) technology assets and compliance with applicable laws and industry regulations. This position also provides proactive operational responsibility for information security incident prevention, detection, and remediation. The Information Security Manager is responsible for the supervision of the security staff including selection, training, coaching, mentoring, evaluation and compensation as well as the efficient, effective operation of the Information Security department in accordance with established policies and procedures and CMC strategic goals and mission.

• Manages and coordinates response teams during security incidents (phishing, DDOS, malware, etc) through resolution and to lessons learned stage


• Develops tactical response procedures for security incidents


• Reviews alerts and data from systems and responds accordingly, including documentation and escalation


• Recommends and implements mitigating actions to contain incident related activity


• Mentors junior staff to advance their skills and knowledge to promote professional growth


• Participates in product selection, vendor evaluations, and implementations of security technologies.


• Recommends security enhancements to management


• Assists in the design, implementation, and maintenance of security plan, policies, procedures, and standards.


• Perform controls testing, document results, and provide detailed updates to leadership.


• Design and develop information security training with HR to be utilized for on-boarding and annual training.


• Stay up to date on information security, trends and potential impacts to the business.