Cybersecurity Engineering Manager
Montefiore Einstein Technology · Yonkers, NY · 2 wk ago
Engineering$136k–$170k/yrFull-time
Job Summary
The Cybersecurity Engineering Manager leads a team of cybersecurity engineers responsible for designing, implementing, operating, and maintaining technical security controls that protect clinical systems, patient data, and enterprise infrastructure across a large, complex healthcare environment. This role balances hands-on technical leadership, personnel development, and strategic cybersecurity engineering management, ensuring alignment with regulatory requirements (e.g., HIPAA, HITECH, NYSDOH), enterprise risk management goals, and NIST-based frameworks.
Responsibilities
- Manage day-to-day cybersecurity engineering operations.
- Oversee secure configuration and maintenance of endpoint, network, cloud, and email security tools.
- Develop and maintain security engineering standards and runbooks.
- Manage vendor relationships and contract performance.
- Lead outage response and customer communication during security tool failures that significantly impact business operations.
- Support audits, risk assessments, and regulatory inquiries.
- Ensure high availability and resilience of security controls.
- Continuously mature security engineering capabilities.
- In partnership with Attack Surface Management personnel, participate in verification and validation testing of security controls across cloud and on-premise environments.
- Ensure security engineering participation in enterprise change management processes.
- Define and improve security engineering metrics for resiliency, availability, and operational efficiency.
- Drive automation and orchestration to reduce manual engineering effort.
- Champion secure-by-design principles across infrastructure and application teams.
- Ensure security solutions are stress-tested to validate performance under peak clinical load.
Requirements
- Bachelor’s degree or equivalent work experience.
- 4-6 years progressive cybersecurity engineering experience, with a focus on team development.
- 4-6 years of hands-on experience implementing and managing security technologies to protect against contemporary threats.
- 4-6 years of experience in leadership: Proven experience leading a team of cybersecurity engineering professionals and coordinating engineering efforts across a large healthcare organization.
- Proven experience in leading and managing a team of cybersecurity professionals in a 7 x 24 on-call operating model.
- Ability to motivate and inspire team members, foster a positive and productive work environment.
- Strong decision-making skills, with the ability to manage multiple tools and competing priorities simultaneously.
- Advanced knowledge of cybersecurity engineering principles.
- Strong understanding of cybersecurity threats, attack vectors, and mitigation strategies including Zero Trust and defense-in-depth strategies.
- Proficiency in using and managing contemporary on premise and cloud-based cybersecurity tools such as internet proxies, employee and vendor remote access technologies, endpoint agents for Endpoint Detection and Response (EDR) and internet client connectors, support of unique anti-phishing platforms and secure file transfer solutions.
- Experience in handling outages and complications associated with these tools and to be the face of customer service when handling events that impact the business.
- Excellent communication skills, with the ability to articulate technical issues to both technical and non-technical stakeholders.
- Familiarity of healthcare regulatory requirements (HIPAA, HITECH, NYSDOH).
- Knowledge of email security and anti-phishing technologies.
- Experience in designing and implementing cloud-native security controls across IaaS, PaaS, and SaaS platforms.
- Familiarity with secure connectivity between on-premises and cloud environments.
- Familiarity with Agile methodologies and the use of tools like Confluence and Jira to advance the program.
Skills
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)
- GIAC Security Essentials (GSEC)
Pay
$136,000.02 - $170,000.03 per year
Schedule
Day shift, Monday through Friday, 8:30 AM - 5:00 PM, 7.5 hours daily