US Anesthesia Partners

Senior Manager - Information Security - Threat Management

Job ID: 2025-16722
Function: Information Technology
Location: US-Remote
Employment Status: Full Time

Overview

 

US Anesthesia Partners is the highest-quality single-specialty anesthesia practice in the United States, with over 6,000 employees distributed across 12 states. Our clinical and non-clinical staff support each other as they work toward a common vision: Empowering people to advance exceptional care.

 

POSITION SUMMARY: The Senior Manager – Information Security – Threat Management leads cybersecurity operations with responsibility for advanced protection, detection, and response capabilities. Reporting to the Information Security Director, this senior role supervises the Security Operations Center (SOC) and external Managed Security Service Providers (MSSPs), manages enterprise security tools and network architecture, and ensures operational excellence aligned with IT service management (ITSM) best practices. This position is expected to drive strategy, mentor staff at all levels, and influence executive leadership on cybersecurity priorities. The senior manager applies the NIST Cybersecurity Framework (Protect, Detect, Respond) and the MITRE ATT&CK framework to mature enterprise defenses, while ensuring compliance with HIPAA and healthcare industry requirements.

Job Highlights

ESSENTIAL DUTIES AND RESPONSIBILITIES: (The ideal candidate must be able to complete all physical requirements of the job with or without a reasonable accommodation)

 

Leadership & Operational Oversight

  • Leads and manages daily security operations, including alerts, escalations, and ticketing, ensuring rapid identification and mitigation of risks.
  • Supervises Security Operations and MSSP partners, ensuring high-quality 24/7 monitoring, efficient triage, and continuous improvement of Security Operations processes.
  • Serves as Incident Commander, coordinating the enterprise incident response process and directing communication with executive leadership, IT, and business teams.
  • Manages and mentors security analysts, and collaborates closely with engineers to foster a culture of continuous improvement and operational readiness.

 

Threat Management & Incident Response

  • Oversees threat detection, incident response, and vulnerability management, aligning with NIST CSF and MITRE ATT&CK best practices.
  • Leads advanced practices such as threat hunting, red teaming, and adversary emulation to proactively identify emerging threats.
  • Directs forensic investigations and ensures lessons learned are integrated into detection and response capabilities.
  • Designs and maintains incident response plans and playbooks to ensure consistent and effective crisis management.

 

Security Engineering & Technology Management

  • Manages core security operations functions, including SIEM, EDR, cloud/SaaS security controls, email security, DLP, network architecture, authentication, and system hardening.
  • Integrates and optimizes security tools and telemetry to enhance operational visibility, improve correlation, and reduce threat dwell time.
  • Oversees the monitoring of security systems and logs, leveraging threat intelligence and analytics to quickly identify and investigate potential incidents.
  • Directs vulnerability management and penetration testing programs, ensuring timely remediation of identified risks.

 

Cloud, Network, & Application Security

  • Maintains secure configuration and continuous compliance across enterprise cloud and productivity platforms, applying zero-trust principles and least-privilege access.

 

Security Awareness & Culture

  • Designs and delivers security awareness training programs to strengthen the organization’s security culture.
  • Coordinates phishing simulations and gamified campaigns to increase employee reporting of suspicious messages and reduce phishing click rates.

 

Governance, Metrics & Vendor Management

  • Ensures alignment of all security operations with IT service management (ITSM) frameworks and enterprise change/control processes.
  • Tracks and reports Key Performance Indicators (KPIs) and Key Risk Objectives (KROs), such as Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), vulnerability closure rates, and phishing-reporting metrics.
  • Manages security vendor relationships, contracts, and service-level agreements (SLAs) to ensure value delivery and compliance.
  • Communicates risks, security posture, and strategic initiatives effectively to cross-functional stakeholders and senior leadership.

Qualifications

KNOWLEDGE/SKILLS/ABILITIES (KSAs):

  • Minimum 12 years of progressive IT experience, with at least 6 years of leadership in Information Security management.
  • Professional certifications required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or GIAC.
  • Demonstrated ability to lead large-scale security operations, influence enterprise security strategy, and deliver measurable risk reduction in a healthcare environment.
  • Expertise in SOC management, incident response, threat detection, and vulnerability management.
  • Strong knowledge of cybersecurity frameworks (NIST CSF, MITRE ATT&CK, ISO 27001, COBIT) and healthcare regulations, including HIPAA Security and Privacy Rules.
  • Advanced understanding of network protocols, operating systems, cloud and SaaS platforms, and core security technologies (SIEM, EDR, firewalls, WAFs, DLP).
  • Proven ability to integrate and optimize security tools and telemetry to enhance visibility and reduce threat dwell time.
  • Experience developing and executing incident response plans, conducting forensic investigations, and serving as Incident Commander.
  • Strong communication and collaboration skills, with the ability to convey technical risks to both technical and executive stakeholders.
  • Demonstrated success mentoring teams and driving operational excellence within an ITSM-aligned environment.

*The physical demands described here are representative of those that may need to be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

  • Occasional Standing
  • Occasional Walking
  • Frequent Sitting
  • Frequent hand, finger movement
  • Use office equipment (in office or remote)
  • Communicate verbally and in writing
