USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce. We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization.

SUMMARY

The Director, Cybersecurity Engineering leads a team responsible for designing, implementing, and operating core security controls that protect clinical and enterprise environments across a large healthcare organization. This leader sets the engineering roadmap, drives technical excellence, and partners closely with Infrastructure, Cloud, Application Engineering, Data/Analytics, and GRC teams to reduce risk and support compliance requirements (e.g., HIPAA/HITECH, HITRUST, NIST-aligned controls).

This is a hands-on leadership role for a seasoned cybersecurity professional with 12+ years of experience and broad subject matter expertise across key security domains. Success requires the ability to operate at multiple altitudes: strategic roadmap and governance, deep technical decision-making, thought and people leadership.

Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned.

• Lead, mentor, and develop a team of 5--6 cybersecurity engineers across multiple disciplines (endpoint, cloud, network, application, data security, vulnerability management).
• Establish clear expectations, performance goals, and career development plans; build a culture of ownership, collaboration, and continuous improvement.
• Create repeatable engineering practices: intake triage, design reviews, change control, documentation standards, and operational runbooks.

• Define and execute the cybersecurity engineering roadmap aligned to organizational risk priorities, clinical continuity requirements, and regulatory obligations.
• Develop plans for control modernization (e.g., Zero Trust, identity modernization, cloud security posture, data protection).
• Establish metrics/KPIs and report progress to security leadership.

• Drive selection, implementation, tuning, and operational health for key security technologies such as Endpoint security/EDR/XDR, email security, SIEM/SOAR integrations, vulnerability management, WAF/API security, DLP/data protection, IAM/PAM, cloud security posture/workload protection, and network security controls.
• Provide technical direction on solution designs for new initiatives (cloud migrations, application modernization, third-party integrations, data platforms).
• Establish engineering standards, reference architectures, and security patterns that scale across the enterprise.

• Partner with Infrastructure, Cloud, DevOps, Application Engineering, and Data teams to embed security in delivery lifecycles (secure-by-design, DevSecOps guardrails, infrastructure-as-code controls).
• Influence vendor selection and architecture decisions through security due diligence, technical evaluations, and risk-based recommendations.

• Serve as an escalation point for complex engineering issues and high-severity security events.
• Ensure incident response readiness from an engineering perspective (logging, containment controls, access controls, segmentation, recovery hardening).
• Drive post-incident remediation and control improvements with measurable outcomes.

• Regular and reliable attendance is required for the job.

Qualifications/Requirements:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.

Requirements include:

• 12+ years of progressive cybersecurity experience, including 5+ years leading security engineering teams or comparable technical leadership scope.
• Demonstrated success designing and implementing security controls in complex, regulated enterprises (healthcare strongly preferred).
• Broad subject matter expertise across multiple domains, such as Endpoint security (EDR/XDR), vulnerability management, network security/segmentation, cloud security (AWS/Azure/GCP), identity/IAM and privileged access, application security, and data security/DLP.
• Strong understanding of healthcare regulatory and security expectations (HIPAA/HITECH; familiarity with HITRUST and NIST-aligned frameworks).
• Proven ability to translate risk into practical engineering roadmaps and to drive execution across a matrixed organization.
• Strong executive communication skills and comfort presenting technical risk, tradeoffs, and investment needs.
• Bachelor's degree in Computer Science, Information Security, Engineering, or related field (Master's preferred).
• Preferred certifications: CISSP, CISM, CCSP, cloud security certifications (AWS/Azure), and/or domain-specific GIAC credentials.
• Builds and scales engineering teams; creates clarity, accountability, and measurable outcomes.
• Strong systems thinking and architectural judgment; pragmatic, risk-based decision-making.
• Ability to influence across technology and clinical stakeholders; excels in ambiguity and prioritization.
• Operational rigor with a bias toward automation, reliability, and continuous improvement.