Skip to main contentA logo with &quat;the muse&quat; in dark blue text.

Director Threat Management

AT Surescripts
Surescripts

Director Threat Management

Gunnison, CO / Remote

Surescripts serves the nation through simpler, trusted health intelligence sharing, in order to increase patient safety, lower costs and ensure quality care. We deliver insights at critical points of care for better decisions - from streamlining prior authorizations to delivering comprehensive medication histories to facilitating messages between providers.

Job Summary:

The Director, Threat Management helps carry out the strategy of a proactive information security program by leading through effective identification and mitigation of the cyber threats that are posed to the Surescripts network. The Director, Threat Management oversees the implementation and management of cutting-edge tools and methodologies to detect, analyze and respond to emerging threats in real-time. The Director, Threat Management leads the Blue Team (incident response) and the Red Team (internal penetration testing) along with the Manager, Threat management to identify vulnerabilities and suspicious activities before they escalate to critical incidents. This leader directs the Incident Response team in collaboration with the Crisis Management Team. The Director, Threat Management provides critical insights into global threats, trends, cybercrime tactics and potential attack vectors specific to the healthcare industry.

Want more jobs like this?

Get Management jobs delivered to your inbox every week.

Select a location
By signing up, you agree to our Terms of Service & Privacy Policy.


The role requires technical competence and business acumen to foster and maintain strong relationships with business units. The Director, Threat Management requires constant up-to-date familiarity with Threat Management tactics, techniques, and procedures (TTPs) across all lines of business in complex environments. The Director, Threat Management also contributes to the company information security strategy and risk management roadmap.

Responsibilities:

  • Oversee and proactively coordinate the organization's cybersecurity efforts under the direction of the CISO
  • Identify, respond to and mitigate cyber threats before they become critical incidents.
  • Contain, mitigate and remediate incidents to ensure that the response times are minimized.
  • Combine strategic vision with operational oversight to ensure the organization is adequately protected against a wide range of cyber threats.
  • Manage overall cyber security risks as they pertain to Surescripts and its customers.
  • Oversee the Threat Management operations:

    • Threat detection
    • Vulnerability Management
    • Insider Threat Detection
    • Data Loss Prevention
  • Lead the Incident Response Teams:

    • Perform regular tabletop exercises
    • Ensure the right tools are leveraged for incident response
    • Ensure ongoing staff development
    • Collaborate with Legal and outside counsel as needed
    • Collaborate with outside incident response teams as needed
  • Develop and maintain up-to-date Incident Response Plans
  • Post incident reviews and root cause analysis in a centralized location for collaboration with key stakeholders
  • Collaborate with cross-functional partners and external partners
  • Evaluate and implement security technologies.
  • Ensure regulatory compliance.
  • Prepare for audits and reporting of the Threat Management Program
  • Establish, monitor and report Threat Management program metrics and reporting.
  • Develop staff skills and competencies. Identify training needs and opportunities
  • Engage when needed for merger and acquisition activities to ensure risks are mitigated effectively.
  • Lead a team of internal and external penetration testers to ensure proper application, internal and external penetration testing is scheduled to meet the needs of the business, information security compliance and contractual requirements.
  • Ensure service provider contracts contain language acceptable to monitoring and enforcement across provided services and accessible data. 
  • Focus on active threat monitoring while adhering to, and not overstepping, privacy requirements. 
  • Baseline accounts and systems to identify deviation from expected behavior and investigate as required. 
  • Plan and execute regular tabletop drills of Threat Management incident response and postmortem exercises with a focus on measurable improvement and benchmarking to show progress (or deficiencies requiring additional attention). 
  • Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of threat analysts.  Manage career development for a team of analysts, including training and mentoring, conducting performance reviews and modeling behavior for team members.

Qualifications

Basic Requirements:

  • Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent.
  • 8-10+ years of information security administration, monitoring and response or related experience.  
  • Experience managing a Threat Management program and leading technical teams. 
  • Demonstrated business acumen. 
  • Excellence in communicating business risk from cybersecurity topics. 
  • Strong understanding and demonstrated use of best practices following NITTF, NIST and CERT guidance. 
  • Proficient in driving measurable improvement in detection and response capabilities at scale. 
  • Experience managing SIEM, UEBA, vulnerability management, data loss prevention (DLP), threat intelligence, MITRE ATT&CK framework mapping, security orchestration automation and response (SOAR), and other network and system monitoring tools.
  • Experience supporting investigations using formal chain-of-custody methods, forensic tools and best practices. 
  • Proficient in security analytics and threat data management. 
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well. 

Preferred Qualifications:

  • CISSP (preferred); CERT ITPM and/or ITVA (preferred or willing to obtain); SANS certification a plus.

Keywords: threat management, blue team, red team, incident management, vulnerability management

#LI-REMOTE

Surescripts embraces flexibility through its Flexible Hybrid Work model for most positions. This model allows employees to work virtually while still utilizing our offices as collaboration centers. With alignment and agreement from your leadership, you can come and go from the office as needed.

What You're Like

You're technical. Analytical. Imaginative. Maybe you're building your own crypto-mining rig-or not. Either way, your mind works to anticipate vulnerabilities and protect the company and its information against those vulnerabilities. You do the right thing because it's the right thing without seeking to point fingers or brag. And of course, you're always willing to keep learning.

What We're Like

We're a team of friendly folks who do serious work. Our best work is done by rising to the occasion under stress, but we keep each other cool under pressure. We're a tight team but we also look for ways to partner across the business. Our style is casual and laid back, but we shoulder our responsibility to protect patient data from sophisticated adversaries, which sometimes means delivering a difficult truth.

What the Work is Like

Our challenge is to protect our customers' data and our company. This requires anomaly analysis, risk reviews, pen testing of our controls, red-teaming and tabletops, policy and procedure work, documentation, and audits. We also engineer and maintain our security products and tools. It's not always a typical 9-to-5 gig, of course, but then again, you work in information security, so you already know that.

Why Wait? Apply Now

We're a midsize company. This means you're not just another employee ID number. Here, you can build real relationships and feel supported by truly awesome people with diverse backgrounds and talents in an innovative and collaborative work culture. We strive to create an environment where you can be yourself, share your ideas and work your way. We offer opportunities for employee development, as well as competitive compensation packages and extensive benefits.

At Surescripts, base pay is one part of our Total Rewards Package (which may also include bonus, benefits etc.) and is determined within a range. The base pay range for this position is $183,800 - $224,600 per year. Your base pay may vary within or outside of this range depending on a number of factors, including (but not limited to) your qualifications, skills, experience, and location.

Benefits include, but are not limited to, comprehensive healthcare (including infertility coverage), generous paid time off including paid childbirth and parental leave and mental health days, pet insurance, and 401(k) with company match and immediate vesting. To learn more, review the Keep You and Yours Healthy, Balancing Work and Life, and Where Talent Takes Shape links under the Better Benefits. Better Work. Better Life section of our careers site.

Physical and Mental Requirements

While performing duties of this job, an employee may be required to perform any, or all of the following: attend meetings in and out of the office, travel, communicate effectively (both orally and in writing), and be able to effectively use computers and other electronic and standard office equipment with, or without, a reasonable accommodation. Additionally, this job requires certain mental demands, including the ability to use judgement, withstand moderate amounts of stress and maintain attention to detail with, or without, a reasonable accommodation.

Work Environment

Surescripts embraces flexibility through its Flexible Hybrid Work model for most positions. This model allows employees to work virtually while still utilizing our offices as collaboration centers. With alignment and agreement from your leadership, you can come and go from the office as needed.

Surescripts is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate on the basis of race, color, religion, age, national origin, ancestry, disability, medical condition, marital status, pregnancy, genetic information, gender, sexual orientation, parental status, gender identity, gender expression, veteran status, or any other status protected under federal, state, or local law.

Client-provided location(s): United States
Job ID: Surescripts-REQ2590
Employment Type: Full Time

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • HSA
    • Pet Insurance
  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave
  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
  • Office Life and Perks

    • Commuter Benefits Program
    • Casual Dress
    • Happy Hours
    • Snacks
    • Some Meals Provided
  • Vacation and Time Off

    • Paid Vacation
    • Paid Holidays
    • Personal/Sick Days
    • Volunteer Time Off
    • Summer Fridays
  • Financial and Retirement

    • 401(K) With Company Matching
    • Performance Bonus
  • Professional Development

    • Tuition Reimbursement
    • Learning and Development Stipend
    • Promote From Within
    • Access to Online Courses