Director, Vulnerability Management - Fully Remote

The Director of Vulnerability Management is accountable for building a comprehensive Vulnerability Management program that includes, Secure Software Development Lifecycle, Patch Governance, and Application Security. Reporting directly to the Chief Information Security Officer, this position leads the Vulnerability Management team, the Application Security Team, and Reporting and Education.

This is a fully remote position, allowing you to work from the comfort of your own home from anywhere in the US.

Job Details:

• Will oversee policy standards and implementation strategies as they relate to vulnerability governance and management; and secure software development to ensure procedures and guidelines comply with cybersecurity policies.
• Prioritizes gaining the knowledge of organizational objectives, leadership priorities, and decision-making risks.
• Will have the skills to create processes in order to anticipate new security threats.
• Must be able to develop or recommend planning solutions to problems and situations for which no precedent exists.

• Accountable for the oversight and management of all elements of vulnerability management within the office of the CISO, including supervision and mentorship of subordinates.
• Partner with Information Technology leaders to facility compliance of security controls of Magellan information systems regarding HIPAA, HITrust, NIST, and applicable regulatory and contractual requirements, ensuring effective security operations of Magellan systems, networks, business partner agreements, and interconnections.
• Support the development and implementation of effective and reasonable policies and practices to secure sensitive data and ensure security and compliance with contracts, regulatory requirements, and industry standards.
• Support the coordination and tracking of all information and technology related audits including scope of audits, business units involved, timelines, and outcomes.
• Provide guidance, evaluation, and advocacy on audit responses.
• Support the office of the CISO in establishing annual and long-term information security goals, defining security strategies, metrics, reporting mechanisms, and maintaining or increasing the information security maturity model.
• Support in the design, development, and deployment of proactive security initiatives around information security awareness and branding that contribute to an improved security posture for the organization.
• Review projects and provide security standards to the technology, prescribing appropriate protection configurations that will balance business requirements with enterprise technology standards to arrive at the optimal solution.
• Monitor compliance with information security policies and procedures.
• Monitor applications, network, devices and servers for vulnerability based security violations.
• Ensure adequate security solutions are in place to mitigate identified risks sufficiently to meet business objectives and regulatory requirements.
• Research emerging technologies in support of IT security enhancement and development efforts.
• Assist in formalizing and updating security policies, procedures and technical standards.
• Develop technical solutions to autonomously verify compliance with required technical controls.
• Persistently evaluate adherence with defined standards.
• Drive remediation and/or mitigation efforts for all vulnerabilities in the environment, ensuring appropriate response to high risk and aged findings.

This position is responsible for understanding our business and IT strategy and ensure that we have the skills and capabilities required to deliver on our business and technical commitments. They will also focus on Continuous improvement within the area and lead IT initiatives and special projects within their portfolio of applications.

• Manages the selection, evaluation, contracting, and integration of externally available hardware, software, and data to deliver business solutions.
• Builds and leads a transformational team that is required to design and execute on key business and technical strategies. Provides thought leadership and clear technical direction to the team to deliver results and business value. Mentors and coaches the team to foster a culture of continuous learning and collaboration.
• The leader will possess a deep knowledge and experience in the required domain.
• Directs and manages through analysis, planning, design, development, testing, installation, and maintenance of support systems for business areas.
• Selects and builds strong teams through formal training, diverse assignments, and coaching, mentoring, and other development techniques.
• Manages and develops project cost estimates, benefits and assessment of potential project risks.
• Manages projects, people, customer expectations, and business priorities to achieve customer satisfaction.
• Manages budgets, plans and expenses; may have cost center responsibilities.
• Oversees throughput for encounter processing acting as liaison between the customer and Magellan IT teams.
• Oversees and acts in review board fashion for reports delivered from Magellan to the customer.
• Manages vendors.
• Shares best practices throughout IT.

Other Job Requirements

Responsibilities
10+ years of experience in Software Engineering and leading teams through the development and support of applications.
Must have 2+ years of experience leading teams.
Broader experience across IT or across different industries (for external hires) is a must.
Experience in health care, insurance or related field.
Critical thinker.
Demonstrated problem solving techniques.
Strong verbal and written communication skills.
Ability to coach and build skills within the team.

General Job Information

Title
Director, Vulnerability Management - Fully Remote

Grade
31

Work Experience - Required
IT

Work Experience - Preferred

Education - Required

Education - Preferred
Bachelors - Computer and Information Science

License and Certifications - Required

License and Certifications - Preferred

Magellan Health, Inc. is proud to be an Equal Opportunity Employer and a Tobacco-free workplace. EOE/M/F/Vet/Disabled.
Every employee must understand, comply with and attest to the security responsibilities and security controls unique to their position; and comply with all applicable legal, regulatory, and contractual requirements and internal policies and procedures.