IT Senior Manager (SOC)

R1 RCM Inc. is a leading provider of technology-enabled revenue cycle management services which transform and solve challenges across health systems, hospitals, and physician practices. Headquartered in Chicago, R1 is a publicly traded organization with employees throughout the US and international locations.

Our mission is to be the one trusted partner to manage revenue, so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients, patients, and each other. With our proven and scalable operating model, we complement a healthcare organization’s infrastructure, quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience.

We are looking for a self-motivated Cybersecurity Leader to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more into patient care; in turn, this allows us to continue to grow our company and your career.

The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring.

Responsibilities:

• Lead and manage a team of Cybersecurity professionals to ensure 24/7 operations.
• Develop and implement training programs to enhance the skills of the SOC team.
• Conduct regular performance reviews and provide constructive feedback.
• Coordinate with other departments across multiple geographic regions to manage and mitigate security incidents.
• Ensure timely and accurate reporting of security incidents.
• Manage and optimize SOC tools and technologies.
• Ensure proper configuration and maintenance of security monitoring tools.
• Evaluate and recommend new security tools and technologies.
• Develop and maintain SOC policies, procedures, and playbooks.
• Ensure compliance with industry standards and regulatory requirements.
• Conduct regular reviews and updates of SOC policies and procedures.
• Identify areas for improvement within the SOC.
• Implement best practices and innovative solutions to enhance SOC operations.
• Stay updated with the latest security trends and threats.
• Design, develop, implement and maintain security solutions.
• Monitor various security tools to identify potential incidents, network intrusions, and malware events, etc., to ensure the confidentiality, integrity, and availability of R1’s architecture and information systems are protected.
• Generate trouble tickets and perform initial validation and triage to determine security incidents leveraging open-source intelligence (OSINT) and other security tools.
• Review and analyze log files to report any unusual or suspect activities.
• Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating.
• Follow established incident response procedures to ensure proper escalation, analysis, and resolution of security incidents.
• Analyze and correlate incident event data to develop preliminary root cause and corresponding remediation strategy.
• Research Threat Intelligence sources on the latest malware, trends, patches to keep the Security Program up to date.
• Perform case management throughout the incident lifecycle for moderately complex security incidents.
• Understand and assist with compliance and enterprise change management policies and procedures.
• Attend and participate in cybersecurity projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.
• Maintain metrics & reports on the status of the R1 cybersecurity operations program.

Required Qualifications:

• At least a bachelor’s degree in a technical discipline (e.g., Computer Science, Business Analyst, etc.)
• More than 5 years of professional experience in an IT-related field.
• At least 3 or more years in a managerial position (people leader)
• Proven experience in team management and leadership.
• Excellent analytical and problem-solving skills.
• Intermediate knowledge of security, monitoring, and networking technologies, tools, protocols, and standards.
• Intermediate or advanced security, networking, or audit certification or equivalent professional experience in security operations.
• Knowledge of security policies, programs, processes, and metrics.
• Understanding/Experience with Network Security, Firewall Security, and Web Security (including web application firewalls and proxies).
• Experience with SIEM, PIM, Content Filtering, and Firewalls.

R1 RCM Inc. is a leading provider of technology-enabled revenue cycle management services which transform and solve challenges across health systems, hospitals, and physician practices. Headquartered in Chicago, R1® is a publicly traded organization with employees throughout the US and international locations.

Our mission is to be the one trusted partner to manage revenue, so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients, patients, and each other. With our proven and scalable operating model, we complement a healthcare organization’s infrastructure, quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience.

We are looking for a self-motivated Cybersecurity Leader to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more into patient care; in turn, this allows us to continue to grow our company and your career.

The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring.

Responsibilities:

• Lead and manage a team of Cybersecurity professionals to ensure 24/7 operations.
• Develop and implement training programs to enhance the skills of the SOC team.
• Conduct regular performance reviews and provide constructive feedback.
• Coordinate with other departments across multiple geographic regions to manage and mitigate security incidents.
• Ensure timely and accurate reporting of security incidents.
• Manage and optimize SOC tools and technologies.
• Ensure proper configuration and maintenance of security monitoring tools.
• Evaluate and recommend new security tools and technologies.
• Develop and maintain SOC policies, procedures, and playbooks.
• Ensure compliance with industry standards and regulatory requirements.
• Conduct regular reviews and updates of SOC policies and procedures.
• Identify areas for improvement within the SOC.
• Implement best practices and innovative solutions to enhance SOC operations.
• Stay updated with the latest security trends and threats.
• Design, develop, implement and maintain security solutions.
• Monitor various security tools to identify potential incidents, network intrusions, and malware events, etc., to ensure the confidentiality, integrity, and availability of R1’s architecture and information systems are protected.
• Generate trouble tickets and perform initial validation and triage to determine security incidents leveraging open-source intelligence (OSINT) and other security tools.
• Review and analyze log files to report any unusual or suspect activities.
• Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating.
• Follow established incident response procedures to ensure proper escalation, analysis, and resolution of security incidents.
• Analyze and correlate incident event data to develop preliminary root cause and corresponding remediation strategy.
• Research Threat Intelligence sources on the latest malware, trends, patches to keep the Security Program up to date.
• Perform case management throughout the incident lifecycle for moderately complex security incidents.
• Understand and assist with compliance and enterprise change management policies and procedures.
• Attend and participate in cybersecurity projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.
• Maintain metrics & reports on the status of the R1 cybersecurity operations program.

Required Qualifications:

• At least a bachelor’s degree in a technical discipline (e.g., Computer Science, Business Analyst, etc.)
• More than 5 years of professional experience in an IT-related field.
• At least 3 or more years in a managerial position (people leader)
• Proven experience in team management and leadership.
• Excellent analytical and problem-solving skills.
• Intermediate knowledge of security, monitoring, and networking technologies, tools, protocols, and standards.
• Intermediate or advanced security, networking, or audit certification or equivalent professional experience in security operations.
• Knowledge of security policies, programs, processes, and metrics.
• Understanding/Experience with Network Security, Firewall Security, and Web Security (including web application firewalls and proxies).
• Experience with SIEM, PIM, Content Filtering, and Firewalls.