Partnership HealthPlan of California

Sr. Director of Information Security

Job Locations US-CA-Fairfield
Job ID
FLSA Status
Hiring Range
$208,615.57 - $281,633.32


The Sr. Director of Information Security reports to the Chief Information Officer and maintains a strong relationship with Infrastructure Technology (Network Ops), IT Applications Development, IT Enterprise Data Management, and the functional departments of Partnership HealthPlan of California (Partnership). The Sr. Director is responsible for building and leading a team of Cyber Defense Operation Center (CDOC) colleagues. This position will work with various Managed Security Service Providers (MSSP) to establish and maintain threat escalation and remediation protocols including off hours. This role is to direct and manage all aspects of running an efficient team including hiring, supervising, coaching, training, disciplining, and motivating direct-reports. The Sr. Director is responsible for the development, implementation, and management of the CDOC programs and services to include threat hunting, compromise assessments, continuous monitoring, red team exercises, penetration testing, incident response and forensics. The Sr. Director is the primary conduit between the CDOC and the Security Engineers. This position ensures the internal toolsets used and needed by the Analysts and Engineers are kept up-to-date and running efficiently. The Sr. Director is primarily responsible for maintaining and coordinating the organization's incident response plan.


  • Plans, directs, and manages day-to-day activities across the CDOC. Leads the CDOC in
    proactively performing threat hunting, compromise assessments, penetration testing, red
    and blue team exercises.
  • Drives timely implementation and improvement of new tools, capabilities, frameworks,
    and methodologies across all teams within the CDOC, across IT and the enterprise.
  • Accountable for the timeliness and efficient identification, isolation, mitigation, and
    reporting of critical incidents.
  • Manages cross-functional security teams to achieve continuous improvement in cyber
    defense/response. Instills and reinforces industry best practices in the domains of
    incident response, cybersecurity analysis, knowledge management, and CDOC
  • Responsible for overseeing the monitoring and timely proactive response to threats in
    Cloud environments
  • Promotes and drives implementation of automation and process efficiencies.
  • Leads strategy development, quality control, compliance, and continuous improvement of
  • Maintains a forward-leaning ops tempo that includes continual validation and
    improvement across all CDOC functions.
  • Delivers recommendations in accordance with government and contractual requirements.
  • Provides customers with remediation recommendations.
  • Creates, reviews, and approves new procedural documentation. Conducts product
    evaluations of security technologies.
  • Acts as the technical expert in multiple domains to coordinate CDOC efforts during
    incident and breach responses. Collaborates with other Information Technology (I.T.)
    teams to ensure relevant organization-wide data is processed by the CDOC.
  • Coordinates the InfoSec on-call schedule and escalation procedures.
  • Manages complex projects, engaging and updating key stakeholders, developing
    timelines, leads others to complete deliverables on time and ensures implementation upon
    approval. Oversees the MSSP program. Responsible for setting alert thresholds, ensuring
    tickets are resolved in a timely manner, toolset configurations, and project management.
    Ensures that CDOC toolsets and automation are always operational and alerts and events
    from those toolsets are triaged appropriately.
  • Conducts strategic planning to utilize resources in order to meet current and future
    departmental and Enterprise-wide goals.
  • Plans and implements systems and procedures to maximize operating efficiency and
    achieve strategic priorities.
  • Develops goals, objectives and action plans for assigned staff which includes full
    management responsibility for the hiring, performance reviews and disciplinary matters
    for direct reporting employees.
  • Prepares briefings, reports, consultation documents and presentations that clearly
    articulate Partnership’s regulatory position and policy. Develops regulatory position and
    policy based on research and evidence.
  • Other duties as assigned


Education and Experience

Bachelor’s degree in Information Technology or Business
Administration, Business Management; at least eight (8) years of
experience leading comparable information security or technology
teams with at least six (6) years of management/supervisory
experience. Operational experience configuring and managing a
security Information and Event Management (SEIM) platform.
Operational experience monitoring cloud computing (e.g., AWS,
Azure, etc.) and SaaS environments. Experience with leading the
response to crises, incidents, and investigations. Operational experience
managing in a regulated environment (e.g., classified networks,
healthcare, finance, banking, etc.). Experience reporting on CDOC
activities and deliver recommendations in accordance with government
and contractual requirements.



Special Skills, Licenses and Certifications

Strong understanding of networking and communication protocols
(such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP/S, etc.). Exceptional
operational rigor with extensive real-world experience in SOC
methodologies and frameworks for I.T. operations (e.g., Information
Technology Infrastructure Library (ITIL), National Institute of
Standards and Technology (NIST), etc.). Demonstrated ability to
manage complex projects in an effective manner. Must possess a strong
service mindset. Ability to provide threat and vulnerability analysis
security advisory services. Excellent verbal, written communication
and presentation skills. Has experience in DarkWeb knowledge and
search methodologies. Strong knowledge and skills with Cloud
concepts and experience performing monitoring and responding to
threats in Cloud environments. Demonstrated ability to foster
teamwork and unity among team members that allows for disagreement
over ideas, conflict and expeditious resolution, and the appreciation of
diversity. Broad and deep technical knowledge and experience across
varying infrastructure requirements, development, design, and reengineering. Either a Certified Information Systems Security
Professional (CISSP) or Certified Information Security Director
(CISM) is required. The following certifications are preferred:
Certified Ethical Hacker (CEH), Certified Hacking Forensic
Investigator (CHFI), GIAC Certified Detection Analyst (GCDA) or
Offensive Security Certified Professional (OSCP).

Performance Based Competencies

Ability to quickly acquire in-depth knowledge of Partnership’s
infrastructure and managed care issues. Ability to self-manage and
develop timelines for projects required. Ability to work effectively with
employees at all levels in the organization. Ability to maintain
complete confidentiality of member, employee, and Partnership

information. Strong written and oral communication skills with ability
to interpret and understand technical requirements. Excellent analytical
skills to troubleshoot and resolve systems problems. 

Work Environment And Physical Demands

More than 80% of work time is spent in front of a computer monitor.
May be required to lift, carry, or move equipment of varying size,
weighing up to 50 lbs. May be required to bend, stoop, kneel, crawl, or
work in other non-standing and non-sitting positions.


All HealthPlan employees are expected to:

  • Provide the highest possible level of service to clients;
  • Promote teamwork and cooperative effort among employees;
  • Maintain safe practices; and
  • Abide by the HealthPlan’s policies and procedures as they may from time to time be updated.



 $208,615.57 - $281,633.32




The job duties, elements, responsibilities, skills, functions, experience, educational factors and the requirements and conditions listed in this job description are representative only and not exhaustive of the tasks that an employee may be required to perform.  The employer reserves the right to revise this job description at any time and to require employees to perform other tasks as circumstances or conditions of its business, competitive considerations, or work environment change.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed