Director Perimeter & Network Security Remote

Primary City/State:

Phoenix, Arizona

Department Name:

IT Perimeter &Network Security

Work Shift:

Day

Job Category:

Information Technology

Primary Location Salary Range:

$68.92/hr - $114.86/hr, based on education & experience

In accordance with State Pay Transparency Rules.

Innovation and highly trained staff. The Information Technology professionals at Banner Health are utilizing cutting-edge technology to change health care for the better. If you're ready to change lives, we want to hear from you.

This position will be responsible for the overall planning, Engineering, Operations, organization, and execution of processes and technology to manage Network Security services such as; firewalls, IDS, IPS, SASE, Cloud Security, and other network security services across the enterprise. Setting strategic vision on network security for Banner Health.

Information Security is an integral part of Banner's information technology culture. The candidate will provide the vision and leadership necessary to manage the network security risk to the organization and will ensure business alignment, effective governance, system and product availability, integrity, and confidentiality.

The successful candidate will join the IT Network Services organization and will be responsible for leadership and implementation of the Network Security platforms across the Data Center and Cloud services. This person will lead a team of high-performing engineers which have responsibility for the building & maintaining of Banner's Network Security technologies and environments. In addition to staff development and talent management, she/he will provide technical guidance to individual contributors. This role must instill a culture that works toward the highest standards in security operations while ensuring that business objectives are delivered uniformly and adhered to globally.

You will be responsible for leading a group of engineers that operate and support security infrastructure. This team exists to support on a 24x7 basis major data center as well as security cloud instances. Experience in Palo Alto Firewalls, intrusion detection, and prevention within Palo Alto, and Cloud architecture is a must.

Banner Health IT was awarded Inside Pro and Computerworld's 100 Best Places to work in IT for 2020, 2021, 2022, and 2023!

Your pay and benefits are important components of your journey at Banner Health. This opportunity includes the option to participate in a variety of health, financial, and security benefits. In addition, this position may be eligible for our Management Incentive Program as part of your Total Rewards package.

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY

This position will be responsible for the overall planning, organization and execution of processes and technology to manage data security across the enterprise. This position will also be responsible for participating in risk assessment activities across the enterprise to determine criticality of new and legacy systems, and determine level of controls necessary to protect data stored, processed, or transmitted by the same.

CORE FUNCTIONS

1. Collaborates with business owners and organizational stakeholders to define, implement and maintain enterprise-wide data protection strategy.

2. Oversees the operation of a DLP solution in accordance with enterprise data security and classification standards. Work swith vendors and third-party contractors to implement integrated DLP software solutions.

3. Collaborates with the IT Infrastructure team to implement technical mechanisms to encrypt sensitive and business critical data while in transit or at rest in accordance with regulatory, contractual, and business requirements. Ensures all data transmissions between applications and devices are encrypted.

4. Develops policies, procedures and controls designed to protect sensitive data. Develop and document processes to mask sensitive data in accordance with compliance requirements. Develops and documents processes for the recovery of data in the event of an adverse event or loss of data.

5. Inventories systems, applications, and databases, and determine criticality based on types of data stored, processed, or transmitted by the same.

6. Collaborates with the Enterprise Risk Management team to develop and maintains control profiles for various systems, applications, and databases based on criticality and sensitivity of data stored, processed, or transmitted by the same.

7. Identifies and implements data channel security technologies to monitor and prevent unauthorized activity.

8. Develops and oversees the department budget in conjunction with corporate goals and objectives. This position is accountable for meeting annual budgetary goals. Identifies and prioritizes security program expenditures in coordination with I/T, Audit, Compliance, and Legal.

9. This position reports to the Chief Information Security Officer and will interface with and support staff at all levels and in all areas throughout the enterprise. This person will also work frequently with external customers, vendors, and business partners on projects and various assignments.

Performs all functions according to established policies, procedures, regulatory and accreditation requirements, as well as applicable professional standards. Provides all customers of Banner Health with an excellent service experience by consistently demonstrating our core and leader behaviors each and every day.

MINIMUM QUALIFICATIONS

Requires a Bachelor's degree in Computer Science, Information Systems, Engineering, Business Administration or a related field.

Requires proficiency level typically attained with ten or more years experience in information security experience in positions of increasing responsibility including seven or more years of data protection and five years of leadership experience.

Extensive knowledge of data protection controls. Strong understanding of data classification tiers (e.g., Critical, Classified, Internal Use Only, Public, etc.) and the applicability of control profiles based on the selected classification.

Extensive experience designing, implementing and managing technical solutions for data security, including DLP, Digital Rights Management, eDiscovery and encryption.

Demonstrated experience with developing strategies for the proper operation and management of DLP monitoring capabilities.

Experience with the design and implementation of data encryption capabilities for workstations, laptops, and servers. Strong understanding of information security threats affecting the healthcare industry.

Experience strategizing with cross-functional business partners on information security solutions. Strong understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.).

Demonstrated organizational and leadership skills with the ability to lead, build, and develop a team of senior IT professionals through formal and informal reporting relationships. Demonstrated communication skills with the ability to build relationship and influence others to get results.

Extensive knowledge in governance frameworks including: ISO 27001, NIST, COBIT, ITIL.

Extensive knowledge in regulations and/or contractual obligations including: HIPAA, PCI, Sarbanes Oxley, GLBA, SOC /SSAE16.

PREFERRED QUALIFICATIONS

Advanced Degree in Computer Science, Information Systems, Engineering, Business Administration, or a related field. Industry certifications: CISSP, CISA, CISM, CRISC, EAP, etc.

Additional related education and/or experience preferred.

EOE/Female/Minority/Disability/Veterans

Our organization supports a drug-free work environment.

Privacy Policy