Job
Description
As a Cyber Security Incident Management Manager at R1 RCM, you will play a crucial role in leading the organization's response to cybersecurity threats and data privacy incidents. Your responsibilities will include: - Leading the detection, triage, investigation, containment, and remediation of cybersecurity and privacy-related incidents. - Serving as the central coordinator for major incidents involving PHI/PII exposure, ransomware, insider threats, or unauthorized access. - Utilizing technology suite including SIEM, DLP, EDR etc. for threat detection, analytics, and action taking. - Maintaining documentation for incident timelines, decisions, and mitigation activities in ServiceNow. - Improving playbooks for recurring incidents for pragmatic risk management and remediation. - Leveraging ServiceNow to manage incident workflows, escalation paths, SLA tracking, evidence handling, and audit trail documentation. - Structuring threat intelligence and threat hunting activities into incident response workflows to enhance detection capabilities. - Tracking incident response metrics, conducting root cause analysis, and generating regular reports and dashboards for leadership, compliance, and audit stakeholders. - Developing internal training for operational teams to improve breach recognition and response preparedness. - Participating in tabletop exercises and readiness testing with business units and leadership. Qualifications: - Bachelor's degree in Technology, Cybersecurity, Information Systems, Risk Management, or a related field. Masters preferred. Experience Skills & Knowledge: - 7-9 years of experience in cybersecurity and privacy incident response, preferably in a regulated environment (e.g., healthcare, finance, SaaS). - Strong understanding of HIPAA, HITECH, GDPR, CCPA, and state/federal breach notification laws. - Experience managing incidents using SIEM and ticketing management systems such as Microsoft Sentinel and ServiceNow. - Familiarity with EDR, DLP tools, data flow mapping, forensic investigation, and threat intelligence integration. Key Competency Profile: - Certified Information Security Manager (CISM) - Certified Information Systems Security Professional (CISSP) - Certified in Risk and Information Systems Control (CRISC) At R1 RCM, you will have the opportunity to work in an evolving healthcare setting, collaborate with a fast-growing team, and contribute to innovative solutions that make a real impact in the communities we serve around the world. Additionally, we offer a culture of excellence, competitive benefits package, and opportunities for professional growth and development. For more information, please visit r1rcm.com. As a Cyber Security Incident Management Manager at R1 RCM, you will play a crucial role in leading the organization's response to cybersecurity threats and data privacy incidents. Your responsibilities will include: - Leading the detection, triage, investigation, containment, and remediation of cybersecurity and privacy-related incidents. - Serving as the central coordinator for major incidents involving PHI/PII exposure, ransomware, insider threats, or unauthorized access. - Utilizing technology suite including SIEM, DLP, EDR etc. for threat detection, analytics, and action taking. - Maintaining documentation for incident timelines, decisions, and mitigation activities in ServiceNow. - Improving playbooks for recurring incidents for pragmatic risk management and remediation. - Leveraging ServiceNow to manage incident workflows, escalation paths, SLA tracking, evidence handling, and audit trail documentation. - Structuring threat intelligence and threat hunting activities into incident response workflows to enhance detection capabilities. - Tracking incident response metrics, conducting root cause analysis, and generating regular reports and dashboards for leadership, compliance, and audit stakeholders. - Developing internal training for operational teams to improve breach recognition and response preparedness. - Participating in tabletop exercises and readiness testing with business units and leadership. Qualifications: - Bachelor's degree in Technology, Cybersecurity, Information Systems, Risk Management, or a related field. Masters preferred. Experience Skills & Knowledge: - 7-9 years of experience in cybersecurity and privacy incident response, preferably in a regulated environment (e.g., healthcare, finance, SaaS). - Strong understanding of HIPAA, HITECH, GDPR, CCPA, and state/federal breach notification laws. - Experience managing incidents using SIEM and ticketing management systems such as Microsoft Sentinel and ServiceNow. - Familiarity with EDR, DLP tools, data flow mapping, forensic investigation, and threat intelligence integration. Key Competency Profile: - Certified Information Security Manager (CISM) - Certified Information Systems Security Professional (CISSP) - Certified in Risk and Information Systems Control (CRISC) At R1 RCM, you will have
