Cyber Security Program Administrator

Position Highlights:

The Cyber Security Program Manager will oversee and sometimes even lead dozens of on-going, small yet complex efforts to maintain and improve Moffitt’s cyber security program and be responsible for ensuring that those efforts adhere to established cyber security industry best practices while aligning to Moffitt’s enterprise-wide goals of improving its cyber security posture. This role will also develop and manage reports that include current status, risk, issues, budget and timelines of all aspects of the cyber security program including incidents, problems, production changes and projects.

This position will be called upon to perform technical cyber security tasks such as architectural assessment, initial threat analysis, product integration planning and logging/report manifest generation and validation. Also, this position will be expected to seamlessly interact with highly skilled Cyber engineers and architects and “speak their language” in order to minimize delays and keep the cyber security program as nimble and responsive as possible as conditions in the world-wide cyber landscape change.

Additionally, this role will manage relationships across multiple inter-related efforts and may need to interact with vendors in order to keep Cyber leadership apprised of any issues and to assist in budgetary forecasting, capacity planning and risk mitigation. Furthermore, this work will also include developing  and updating Key Performance Indicators (KPI) as necessary to ensure evaluations of efforts, including incident resolution, are objective and uniform across the cyber security program.

Lastly, given the highly fluid and interdisciplinary nature of Cyber Security’s work at Moffitt, as well as the organizational position of the Cyber Security Department outside of IT within Moffitt, another function  of this role will be acting as a liaison between Moffitt’s Cyber Security (“Cyber”) and Information  technology (“IT”) departments in order to accomplish tasks outside the purview of Cyber. As such, this role requires demonstrated diplomacy, facilitation and excellent verbal and written communication skills with the English language. Finally, this role will partner with leaders outside of Cyber such as those in IT,  Legal, Compliance, Privacy and Internal Audit to ensure Cyber’s efforts are fulfilling the needs of the entire enterprise.

Responsibilities:

• Plan, define, utilize and coordinate assigned resources for projects and support tasks in collaboration with Enterprise IT, as necessary, to ensure success of all initiatives.
• Develop, propose and implement approved strategies to address process gaps, lessons learned  and incidents including implementation timelines. Ensure all initiatives adhere to all intake and  audit requirements.
• Assist in the development and delivery of ongoing reporting and trending metrics around the  cyber security program to improve the operations of the Cyber Security Department and to  bolster Moffitt’s cyber security posture.
• Give expert opinions on the development and implementation of best practices and standards at Moffitt related to cyber security. Assess potential impact on cyber resources of changes  proposed by Enterprise IT. Assist in Root Cause Analysis identification and future prevention of  similar incidents.

Credentials and Experience:

• Bachelor's Degree – field of study: Cyber Security, Computer Science, Information Technology, Business  Administration / Management or a closely related field
• Minimum of ten (10) years' experience in cyber security analyst, engineer and/or architect or closely related roles with direct cyber security responsibilities.
  • Master's degree and eight (8) years of experience as a cyber security analyst, engineer and/or architect may be considered in lieu of a Bachelor's degree.
• At least seven (7) years of experience in project management as a Project Manager, Program Manager or a closely related role.
• Experience defining, developing and implementing standards, documentation, reports, processes and procedures related to performance assessment and improvement of on-going cyber security functions in a modern cyber security program.
• Experience managing multiple simultaneous long- and short-term workstreams across various lines of business within a large organization.
• Experience with basic financial oversight within the scope of identifying risk and notifying stakeholders as appropriate.
• Experience managing vendor relationships.
• Experience training and/or coaching.

Preferred Experience:

• Experience working with the NIST and MITRE ATT&CK frameworks and cyber security programs designed around them.
• Experience with various project and process management methodologies and concepts such as Agile, Waterfall, Scrum, Six Sigma and ITIL.
• Experience as a member of H-ISAC, HIMSS and/or FBI InfraGard.

Certifications:

• CompTIA Security+ certification required within 6 months of hire.
• ITIL Foundation required within 6 months of hire.
• Project Management Professional certification required within 6 months of hire.