• Impact: Balance short and long-term business impact by developing strategies to manage risks.
• Security Operations Center (SOC) Oversight:
• Oversee the daily operations of the SOC, ensuring effective monitoring, detection, analysis, and response to security incidents.
• Develop and maintain SOC procedures, playbooks, and incident response protocols.
• Ensure 24/7 coverage and response capability, including managing shifts, on-call rotations, and escalations.
• Incident Response and Threat Management:
• Lead the development and execution of incident response plans and processes.
• Coordinate and manage security incidents, including detection, containment, eradication, and recovery efforts.
• Conduct post-incident reviews, root cause analysis, and implement improvements based on lessons learned.
• Security Monitoring and Threat Intelligence:
• Implement and maintain security monitoring tools, including SIEM, IDS/IPS, EDR, and other security technologies.
• Utilize threat intelligence feeds and sources to stay informed about emerging threats and vulnerabilities.
• Develop and maintain metrics and reports to track the effectiveness of security monitoring and incident response activities.
• Vulnerability Management:
• Oversee the vulnerability management program, including regular scanning, assessment, and remediation efforts.
• Work with IT and development teams to prioritize and address vulnerabilities and security gaps.
• Ensure that patch management processes are effective and up to date.
• Security Policies and Compliance:
• Develop, implement, and enforce security policies, standards, and procedures that align with industry best practices and regulatory requirements.
• Ensure compliance with relevant regulations and standards (e.g.,SOC2, HIPAA, ISO27001).
• Coordinate with Compliance teams for internal and external security audits, and respond to audit findings.
• Risk Management:
• Identify, assess, and mitigate security risks to the organization’s assets and operations.
• Provide recommendations for risk mitigation and reduction.
• People: Develop outstanding teams using a combination of world-class-hiring and direct-timely-actionable feedback to develop security talent.
• Lead, mentor, and manage the Security Operations team, including SOC analysts, incident responders, and other security staff.
• Foster a collaborative and high-performing team environment, encouraging continuous learning and development.
• Define roles, responsibilities, and expectations for the security operations team, ensuring alignment with organizational goals.
• Execution: Set aggressive yet clear goals and remove all roadblocks for the team to achieve them.
• Collaboration: Develop strong relationships and work cross-functionally with many partners across organizations and functions, and as a result, increase the impact of the team’s work.
• Work closely with IT, product development, legal, and other departments to ensure security requirements are integrated into projects and initiatives.
• Communicate security incidents, and metrics to executive leadership and key stakeholders.
• Provide security awareness training and education to employees across the organization.
• Company: Work closely with company-wide leaders to drive excellence in our processes and systems that protect patients, our employees, and Aledade as a

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree preferred).
• Minimum of 10 years of experience in security operations, with at least 5 years in a leadership or management role.
• Proven experience in managing a SOC and leading incident response efforts.
• Strong understanding of security technologies, including SIEM, IDS/IPS, EDR, firewalls, and vulnerability management tools.
• Ability to work effectively in high-pressure situations and manage multiple priorities.
• Experience with regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS).

Preferred Knowledge, Skills, and/or Abilities:

• Excellent leadership, communication, and interpersonal skills.
• Strong analytical and problem-solving abilities with a proactive and forward-thinking approach.
• In-depth knowledge of security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).

NA