Manager, Incident Response

Who You Are

You are devoted, compassionate, and enjoy being on the front lines in healthcare, changing the lives of your patients. You are passionate about getting to the root cause of a patient’s conditions, removing social determinants of healthcare, and ensuring the highest possible quality of life for those in your care. You don’t want to sacrifice quality over quantity, and you aim to provide the same level of care and commitment to your patients that you would to your own family member.

Does this sound like you? If so, we should talk.

Who We Are

We are Honest Medical Group, a groundbreaking team of health care professionals focused on making a major impact in health care. At Honest, we align every aspect of our company to support patients and providers. We are devoted to purpose and inspired by innovation. We embrace our communities and lead with kindness. We drive health improvements, create a seamless member experience, and eliminate unnecessary cost. We listen to the needs of our patients and our employees—continually working to push beyond the status quo.

For us, it’s all in an Honest day’s work.

Your Role

We are seeking a seasoned cybersecurity professional with extensive experience in incident response and with a passion for safeguarding sensitive information, mitigating security risks, and threat hunting. You will manage cybersecurity incidents with efficiency and precision, developing and implementing cybersecurity awareness programs, continuous learning, and professional development. In this role you need strong leadership abilities, a keen eye for detail, and communication and interpersonal skills that allow you to collaborate with stakeholders at all levels of the organization.

Additionally, you crave the opportunity to align your talents with a healthcare organization dedicated to prioritizing both patient and team member well-being, striving to cultivate an exceptional team member experience. Join us in making a meaningful impact and shaping the future of cybersecurity and Healthcare within a dynamic, people-centric environment.

Primary Functions of the IR Manager Include:

Cybersecurity Incident Response:

• Lead and manage the company's incident response processes and team members as the organization grows.
• Develop, implement, and maintain incident response plans and procedures.
• Coordinate and conduct incident response activities, including detection, analysis, containment, eradication, and recovery.
• Investigate security incidents to determine root cause and implement corrective actions.
• Ensure timely and effective communication with stakeholders during security incidents.
  
  

Threat Hunting:

• Proactively identify and mitigate potential security threats and vulnerabilities.
• Conduct threat hunting exercises to identify and address advanced persistent threats.
• Stay current with the latest threat intelligence and security trends.
  
  

Cybersecurity Awareness:

• Develop and implement cybersecurity awareness training programs for team members.
• Promote a culture of cybersecurity awareness and best practices throughout the organization.
• Monitor and measure the effectiveness of cybersecurity awareness initiatives.
  
  

HIPAA (Health Insurance Portability and Accountability) Compliance:

• Ensure compliance with HIPAA regulations and standards.
• Develop, implement, and maintain policies and procedures to protect the confidentiality, integrity, and availability of protected health information (PHI).
• Conduct regular audits and assessments to ensure HIPAA compliance.
  
  

Team Management:

• Recruit, train, and mentor incident response team members.
• Provide leadership and guidance to the incident response team.
• Foster a collaborative and high-performing team environment.
  
  

SOC (Security Operations Center)/ SIEM (Security Information and Event Management) Coordination, Collaboration, and Leadership:

• Coordinate closely with the Managed Security Service Provider (MSSP) to ensure seamless integration and operation of the Security Operations Center (SOC) and Security Information and Event Management (SIEM) solution.
• Collaborate with the MSSP to define and refine alerting thresholds, response procedures, and escalation paths to effectively address security incidents.
• Provide direction and guidance to both internal incident response teams and external MSSP/SOC analysts during security incident escalations and threat hunting initiatives.
• Lead cross-functional incident response efforts, bringing together teams from IT, legal, compliance, and other departments to coordinate response activities and mitigate security risks effectively.
  
  

How You Qualify

You reviewed the Who You Are section of this job posting and immediately felt the need to read on. This makes you a match for our innovative culture. You accept things change quickly in a startup environment and are willing to pivot quickly on priorities.

• Must have reliable access to high-speed internet to ensure seamless remote work communication and productivity
• Bachelor's degree in computer science, information technology, cybersecurity, or a related field is required; Master's degree considered a plus
• 5+ years of experience in cybersecurity incident response, threat hunting, and cybersecurity awareness
• Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST CSF, ISO 27001, HIPAA)
• Proven experience in successfully building and leading teams in a fast-paced startup environment, demonstrating the ability to recruit, onboard, and develop talent from inception to operational effectivenessExperience with incident response tools and technologies
• Excellent communication, leadership, and problem-solving skills
• Relevant certifications (e.g., CISSP, CISM, GIAC) preferred
  
  

How You Are Supported

• As a full-time team member, you will benefit from Honest’s exceptional total rewards package, including competitive base pay with bonuses, paid time off starting at 4 weeks for full time employees, 12 paid holidays per year, reimbursement for continuing medical education, 401k with match, health, dental, and vision insurance.
• As a part-time team member, you will benefit from Honest’s total rewards package, including competitive base pay with bonuses, pro-rated paid time off, paid holidays, reimbursement for continuing medical education, 401k with match.
• Family friendly policies that support paid parental leave and flexible work arrangements
• As a team member you’ll be supported by our robust commitment to training and development that starts with onboarding and continues throughout your career with Honest
• You will collaborate with like-minded healthcare professionals who, like you, understand the importance and value of Honest’s high-quality, value-based, care model.
  
  

Honest is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.

Honest is committed to working with and providing reasonable accommodations to job applicants with physical or mental disabilities. Applicants with a disability who require a reasonable accommodation for any part of the application or hiring process should email [email protected] for assistance. Reasonable accommodation will be determined on a case-by-case basis.

Honest Medical Group contacts candidates via various platforms, including Honest’s recruiting platform and/or email or text message. If working with candidates directly, Honest will contact candidates using an honestmedicalgroup.com email address. For reference, the recruiting process will always include a live phone call and/or real person interview prior to making a formal offer of employment. Honest will never ask for an individual’s confidential personal information or financial account information (i.e., social security number or bank account and/or routing number) prior to a formal offer and will never ask for transfers of money or financial information by email, text, Venmo, or other social media. Further, Honest will never request financial account security information (i.e., PIN number, password, or security access information). We encourage all candidates to be diligent in their job search and to verify the contact information of individuals they are working with. If there are any questions as to whether a communication is coming from Honest, candidates may reach out to [email protected].