Location: US:WI:MENOMONEE FALLS at our WOODLAND PRIME 400 facility.This job is REMOTE.FTE: 1.00Standard Hours: 40.00Shift: Shift 1Job Summary:The SecOps Manager is primarily responsible for the day-to-day operations of the Security Operations Center and team, including threat detection, incident response, digital forensics, and data protection across the health system's clinical, financial, and administrative environments, in compliance with the organization's security policies and procedures, regulations, and law. Other duties as assigned.
Responsibilities:
Creates a SecOps program that supports the CISO's overall Cybersecurity Program and plans, continually assesses and matures practices and team skills to keep the organization secure. Job Standard 2: Manages, trains, retains, and supports the Security Operations (SecOps) Team. Job Standard 3: Manages the CyberSecurity Operations Center (CSOC) function, overseeing 24x7 monitoring, triage, and escalation of security events across the environment. Job Standard 4: Directs incident response activities, including containment, eradication, recovery, and post-incident review, coordinating with the CISO/Deputy CISO on high-severity events. Job Standard 5: Oversees digital forensics and investigations, including evidence collection, chain of custody, and use of forensic tooling to support HR, legal, and law enforcement inquiries. Job Standard 6: Manages proactive threat hunting activities to identify adversary behavior not surfaced by automated alerting. Job Standard 7: Administers and optimizes the SIEM platform, ensuring log source coverage, use-case tuning, and alert fidelity. Job Standard 8: Oversees data loss prevention (DLP) tooling to prevent unauthorized exfiltration of patient, employee, and business data. Job Standard 9: Manages email security tooling to defend against phishing, business email compromise, and malicious attachments/links. Job Standard 10: Oversees CASB and secure web gateway platforms to enforce safe cloud and web usage across managed and unmanaged devices. Job Standard 11: Evaluates and integrates security tooling where applicable to extend or consolidate the SecOps tool stack. Job Standard 12: Develops and maintains SecOps playbooks, runbooks, and standard operating procedures. Job Standard 13: Monitors compliance with security policies and procedures among employees, contractors, alliances, and other third parties, and takes corrective action. Job Standard 14: Performs security risk analysis and periodic activity reviews to identify gaps in detection and response coverage. Job Standard 15: Supports disaster recovery and business continuity testing as it relates to security monitoring and incident response readiness. Job Standard 16: Serves as an internal SecOps consultant to the organization, advising on emerging threats and detection strategy. Job Standard 17: Monitors advancements in security operations technologies and threat intelligence. Job Standard 18: Monitors changes in legislation and accreditation standards that affect security operations. Job Standard 19: Initiates, facilitates, and promotes security awareness activities related to threat detection and incident reporting. Job Standard 20: Serves as SecOps liaison for clinical, financial, administrative, and behavioral systems, and acts as liaison to the Information Systems Department, privacy officer, and Security and Privacy Committees. Job Standard 20: Maintains an effective Vulnerability Management Program, oversees program, tooling, contracts, and outcomes.
EXPERIENCE DESCRIPTION: Five or more years of experience in security operations, incident response, or threat hunting, with prior people-management or team-lead experience preferred
EDUCATION DESCRIPTION: Bachelor's degree in information security, computer science, or a related field is required.
SPECIAL SKILLS DESCRIPTION: Knowledge of network infrastructure, SIEM administration, DLP/CASB/SWG tooling, email security platforms, digital forensics methodology, and good presentation and communication skills.
Licensure Description:GIAC (GCIH, GCFA, or GNFA), CISSP, or CISM certification is preferred.
Compensation, Benefits & Perks at Froedtert Health Pay is expected to be between: (expressed as hourly) $49.15 - $84.07. Final compensation is based on experience and will be discussed with you by the recruiter during the interview process.
Froedtert Health Offers a variety of perks & benefits to staff, depending on your role you may be eligible for the following:
- Paid time off
- Growth opportunity- Career Pathways & Career Tuition Assistance, CEU opportunities
- Academic Partnership with the Medical College of Wisconsin
- Referral bonuses
- Retirement plan - 403b
- Medical, Dental, Vision, Life Insurance, Short & Long Term Disability, Free Workplace Clinics
- Employee Assistance Programs, Adoption Assistance, Healthy Contributions, Care[redacted], Moving Assistance, Discounts on gym memberships, travel and other work life benefits available
The Froedtert & the Medical College of Wisconsin regional health network is a partnership between Froedtert Health and the Medical College of Wisconsin supporting a shared mission of patient care, innovation, medical research and education. Our health network operates eastern Wisconsin's only academic medical center and adult Level I Trauma center engaged in thousands of clinical trials and studies. The Froedtert & MCW health network, which includes ten hospitals, nearly 2,000 physicians and more than 45 health centers and clinics draw patients from throughout the Midwest and the nation.