NYC Health + Hospitals

GENERAL SUMMARY:

The Security Manager is a critical leadership position responsible for the strategy, implementation, and oversight of all cybersecurity initiatives at HDCav, both internally and for our clients. This role develops and enforces security policies and programs, ensures compliance with industry standards (like CMMC, NIST 800-171, and others), and partners closely with technical and client teams to protect data and systems.

Essential Duties and Responsibilities:

• Lead the security vision for the organization and align it with business goals.
• Establish, implement, and monitor security framework, policies, processes, and incident response procedures.
• Oversee security assessments and audits for internal systems and for clients, ensuring compliance with regulatory standards and best practices.
• Provide leadership in incident management, coordinating investigations, containment, and recovery.
• Lead and mentor the internal SOC team.
• Train and guide internal teams on security awareness, best practices, and compliance obligations.
• Participate in budget planning and security related capital projects.
• Collaborate with other department leaders to ensure our security supports the operational and strategic goals.
• Act as HDCav’s primary point of contact for cybersecurity escalations, both internally and with clients.
• Define and track KPIs for security metrics, and compliance initiatives.
• Stay current on emerging threats, vulnerabilities, and regulatory developments, advising the leadership team accordingly.

What Success Looks Like:

Clients trust HDCav to keep their environments secure and compliant. Internally, the organization has robust security processes and culture, minimizing risk and enabling smooth, secure operations. The Security Director leads with clarity and expertise, ensuring HDCav is seen as a security-first partner.

Knowledge, Skills, and/or Abilities Required:

• Significant experience in cybersecurity leadership, ideally within an MSP or consulting environment.
• Certifications such as CISSP, CISM, or Microsoft Security certifications preferred.
• In-depth knowledge of IT infrastructure, cloud environments (Microsoft Azure), and security best practices.
• Strong understanding of regulatory compliance frameworks (HIPAA, CMMC, NIST, SOC 2).
• Experience implementing and managing firewalls, endpoint protection, backup/disaster recovery, and network monitoring.
• Familiarity with M365 GCC, Entra ID, Intune, SentinelOne, Sophos, ConnectWise suite, IT Glue, and other MSP-standard tools is preferred.
• Proven leadership ability in managing and growing high-performing technical teams.
• Strong project management, organizational, and documentation skills.
• Ability to communicate clearly with technical and non-technical stakeholders.

Job Type: Full-time

Pay: $120,000.00 - $150,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Life insurance
• Paid time off
• Tuition reimbursement
• Vision insurance

Compensation Package:

• Bonus opportunities
• Quarterly bonus

Schedule:

• 8 hour shift
• Day shift
• Monday to Friday
• On call

Ability to Commute:

• Bremerton, WA 98311 (Required)

Work Location: In person