Senior Manager, Cybersecurity Operations

USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce.

We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization.

SUMMARY

The Sr.

Manager, Cybersecurity Operations will play an integral role in leading and maturing our operational security programs across the healthcare enterprise.

This role will oversee critical functions including incident response, vulnerability management, penetration testing, and governance, risk, and compliance (GRC) - with a laser focus on protecting electronic protected health information (ePHI), ensuring clinical continuity, and maintaining regulatory compliance (e.g., HIPAA, HITECH).

As a hands-on leader, you'll guide multidisciplinary teams, work across IT and business units, and play a key role in threat preparedness, detection, response, and risk reduction in a highly regulated and mission-critical environment.

Essential Duties and Responsibilities include the following.

Other duties and tasks may be assigned



* Partner with peers to lead the enterprise incident response (IR) program, including planning, detection, containment, eradication, recovery, and post-mortem review.


* Oversee 24/7 security monitoring via internal or external SOC teams and ensure robust playbooks and escalation protocols are in place.


* Coordinate with Legal, Compliance, Privacy, and Clinical stakeholders during high-severity events, especially those involving PHI.


* Direct the enterprise vulnerability management lifecycle, ensuring timely scanning, risk-based prioritization, and remediation.


* Lead integration of vulnerability intelligence with IT asset inventory, patching cadence, and threat landscape context.


* Work closely with application, infrastructure, and clinical engineering teams to address vulnerabilities in legacy systems and medical devices (IoMT).


* Manage internal and third-party penetration tests, red team exercises, and social engineering simulations.


* Translate technical findings into actionable risk narratives for IT and business stakeholders.


* Champion purple teaming efforts to align offensive assessments with defensive capability development.


* Collaborate with risk and compliance teams to maintain alignment with frameworks such as HIPAA, HITRUST, NIST CSF, and ISO 27001.


* Support and guide audit activities, policy development, risk assessments, and compliance reporting.


* Contribute to vendor and third-party risk evaluations with a focus on PHI exposure and critical service dependencies.


* Build, mentor, and retain a high-performing cybersecurity operations team.


* Develop metrics, dashboards, and KPIs to measure program health and report on security posture to executive leadership.


* Drive maturity initiatives across all operational domains, with an emphasis o...