Director, Cybersecurity - Cyber Defense Operations

Sutter Health

Sacramento, CA

JOB DETAILS
SALARY
$260,312–$416,520 Per Year
SKILLS
Analysis Skills, ArcSight, Automation, Best Practices, Business Skills, CISSP - Certified Information Systems Security Professional, Communication Skills, Computer Science, Computer Security, Conflict Resolution, Continuous Improvement, Cross-Functional, Detail Oriented, Electronic Medical Records, Enterprise Protection, Environmental Health, Federal Information Processing Standards (FIPS), HIPAA (Health Insurance Portability and Accountability Act), Health Economics, Health Information Technology, Healthcare, Hewlett-Packard Product Family, Hospital, Hunting, IBM Product Family, IR (Infrared), Identify Issues, Incident Response, Industry Standards, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Interpersonal Skills, Leadership, Legal, Medical Office, Medical Record System, Medical Records, Mentoring, Metrics, Microsoft Excel, Microsoft PowerPoint, Microsoft Word, Network Operations Center, Operational Measurement, Operational Strategy, Organizational Skills, Patient Care, Presentation/Verbal Skills, Problem Solving Skills, Product Demonstration, Project/Program Management, Ransomware, Regulatory Requirements, Relational Databases (RDBMS), Reporting Dashboards, Risk, Risk Analysis, Risk Management, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Simulation, Splunk, Team Building, Team Lead/Manager, Team Player, Trend Analysis, U.S. National Institute of Standards and Technology (NIST)
LOCATION
Sacramento, CA
POSTED
1 day ago
We are so glad you are interested in joining Sutter Health!


Organization:


SHSO-Sutter Health System Office-Valley


Position Overview:


The Director of Cyber Defense Operations leads Sutter Health’s enterprise cybersecurity defense capabilities, responsible for protecting critical clinical, operational, and digital assets against evolving cyber threats. This role provides strategic and operational leadership across core defensive functions including Security Operations Center (SOC), Incident Response (IR), Threat Intelligence, Detection Engineering, Security Automation, and Adversary Simulation.


The Director is accountable for delivering 24/7 threat detection, rapid incident containment, and coordinated response across the organization, while continuously improving defensive capabilities through automation, intelligence-driven operations, and measurable risk reduction. This leader drives alignment across cybersecurity, IT, clinical engineering, legal, and business teams to ensure resilience against cyber events that could impact patient care and operations.


This role also owns the maturity and performance of the cyber defense program, establishing roadmaps, operational metrics, and executive reporting that demonstrate control effectiveness, detection coverage, and overall security posture improvement. The Director partners closely with Security Engineering, Data Protection, and GRC leaders to ensure a fully integrated, threat-informed defense strategy aligned to enterprise risk priorities.


Job Description:


EDUCATION:

_Equivalent experience will be accepted in lieu of the required degree or diploma._


+ Bachelor's: Business, Cybersecurity, Computer Science, Information Technology/Security, Risk Management, or related field or equivalent education/experience


CERTIFICATION & LICENSURE


+ CISSP-Certified Information Systems Security Professional within 1 Year of hire


TYPICAL EXPERIENCE:


+ 12 years recent relevant experience.


PREFERRED EXPERIENCE:


+ Leadership experience overseeing Cyber Defense Operations functions including SOC, Incident Response, Threat Intelligence, and Detection Engineering in a large enterprise environment.

+ Hands-on experience with SIEM, SOAR, EDR/XDR, threat hunting, automation, and security monitoring technologies.

+ Proven ability to build and inspire high-performing cybersecurity teams through mentorship, Capture the Flag (CTF) events, attack demonstrations, tabletop exercises, and continuous technical development.

+ Strong communication and executive presence with experience delivering cybersecurity metrics, threat intelligence reporting, operational dashboards, and risk updates to technical and business stakeholders.

+ Experience defending healthcare environments and protecting critical systems, PHI, and clinical operations against modern cybersecurity threats including ransomware and advanced adversary activity.


SKILLS AND KNOWLEDGE:


+ Solid expertise in formal/structured information security risk assessment methodology, including understanding the implementation challenges and advantages across all levels of hardware platforms and software applications.

+ In-depth knowledge of information security technologies, infrastructures, methodologies, frameworks, techniques, security incident and event monitoring (SIEM) solutions (e.g., Splunk Enterprise Security, IBM QRadar, HP ArcSight, etc.), compliance reporting, and the development and implementation of these concepts to manage risk within a clinical environment.

+ Extensive knowledge and understanding of current and emerging digital security trends, risks, threats, countermeasures, vulnerabilities, and mitigations ranging across the technologies required for securing applications, data centers, networks, and third-party access to data, applications, and resources.

+ Broad working knowledge of health care operations and their related data/software/hardware requirements including, but not limited to, hospitals, clinics, medical offices, and their information technology needs.

+ Detailed knowledge of state and federal information security, cyber security, compliance and privacy-related regulatory requirements, including a comprehensive understanding of National Institute of Standards and Technology (NIST), Federal Information Processing Standards (FIPS), and other recognized industry security standards and best practices.

+ Comprehensive understanding of information confidentiality and integrity requirements, especially as they relate to patient information in a healthcare environment (electronic health/medical records (EHR/EMR), Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), etc.).

+ Superior business acumen and exceptional leadership skills to provide innovative solutions to complex problems and leverage appropriate internal/external resources to meet corporate objectives.

+ Expertise in building cross-functional teams, fostering consensus, resolving conflicts, and managing risk, in addition to being an effective decision maker and expert delegator.

+ Organizational skills with an understanding of team building and organizational dynamics, including creative problem identification and resolution, conceptualization, and contingency thinking skills.

+ Advanced project management skills, including the ability to manage multidisciplinary teams that successfully define, develop, and deliver various information security solutions.

+ Attention to detail with exceptional analytical skills in problem identification, analysis, and innovative resolution.

+ Verbal and written communication, interpersonal, and presentation skills with the ability to present regulatory requirements, directives, ideas, and concepts effectively to a diverse audience.

+ Advanced level of computer and application competency including Excel, PowerPoint, Word, and Project and relational database management systems.

+ Adapt to changing or challenging initiatives while developing new ideas and approaches aimed at improving results.

+ Foster an environment of collaboration at all levels of the organization, including engaging and influencing individuals or groups with various opinions and levels of knowledge, building consensus, and then enlisting cooperation without direct control/authority.


_These Principal Accountabilities, Requirements and Qualifications are not exhaustive, but are merely the most descriptive of the current job. Management reserves the right to revise the job description or require that other tasks be performed when the circumstances of the job change (for example, emergencies, staff changes, workload, or technical development)._


Job Shift:


Days


Schedule:


Full Time


Days of the Week:


Monday - Friday


Weekend Requirements:


As Needed


Benefits:


Yes


Unions:


No


Position Status:


Exempt


Weekly Hours:


40


Employee Status:


Regular


Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.


Pay Range is $260,312.00 to $416,520.00 / annual salary


_The compensation range may vary based on the geographic location where the position is filled. Total compensation considers multiple factors, including, but not limited to a candidate’s experience, education, skills, licensure, certifications, departmental equity, training, and organizational needs. Base pay is only one component of Sutter Health’s comprehensive total rewards program. Eligible positions also include a comprehensive benefits package._

About the Company

Sutter Health

Sutter Health has a long history in California. Some of our facilities have been providing care in the communities we serve for more than 100 years. Today, we’re proud to partner with more than 12,000 doctors to care for more than 3 million people.

We’re inspired by our Northern California community and work tirelessly to deliver top-rated, affordable healthcare. Doctors, hospitals, care teams and employees in the Sutter Health network are always looking for new, meaningful ways to care for you and your loved ones. We believe that every moment matters when it comes to helping you live a longer, healthier and happier life.

Our not-for-profit network delivers top-rated, personalized care in more than 100 Northern California communities. Recently ranked among the Top 15 Health Systems in the nation by Truven Health Analytics™, our team of more than 50,000 doctors, employees and volunteers partner to spread innovation, improve access to healthcare services and put our patients’ needs first—all to achieve the highest levels of quality, access and affordability.

COMPANY SIZE
10,000 employees or more
INDUSTRY
Healthcare Services
EMPLOYEE BENEFITS
Professional Development, 401K, Flexible Spending Accounts, Retirement / Pension Plans, Tuition Reimbursement, Life Insurance
FOUNDED
1921
WEBSITE
https://jobs.sutterhealth.org/