USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce. We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization.

SUMMARY

The Director, Cybersecurity Engineering leads a team responsible for designing, implementing, and operating core security controls that protect clinical and enterprise environments across a large healthcare organization. This leader sets the engineering roadmap, drives technical excellence, and partners closely with Infrastructure, Cloud, Application Engineering, Data/Analytics, and GRC teams to reduce risk and support compliance requirements (e.g., HIPAA/HITECH, HITRUST, NIST-aligned controls).

This is a hands-on leadership role for a seasoned cybersecurity professional with 12+ years of experience and broad subject matter expertise across key security domains. Success requires the ability to operate at multiple altitudes: strategic roadmap and governance, deep technical decision-making, thought and people leadership.

Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned.

• Lead, mentor, and develop a team of 5--6 cybersecurity engineers across multiple disciplines (endpoint, cloud, network, application, data security, vulnerability management).
• Establish clear expectations, performance goals, and career development plans; build a culture of ownership, collaboration, and continuous improvement.
• Create repeatable engineering practices: intake triage, design reviews, change control, documentation standards, and operational runbooks.

• Define and execute the cybersecurity engineering roadmap aligned to organizational risk priorities, clinical continuity requirements, and regulatory obligations.
• Develop plans for control modernization (e.g., Zero Trust, identity modernization, cloud security posture, data protection).
• Establish metrics/KPIs and report progress to security leadership.

• Drive selection, implementation, tuning, and operational health for key security technologies such as Endpoint security/EDR/XDR, email security, SIEM/SOAR integrations, vulnerability management, WAF/API security, DLP/data protection, IAM/PAM, cloud security posture/workload protection, and network security controls.
• Provide technical direction on solution designs for new initiatives (cloud migrations, application modernization, third-party integrations, data platforms).
• Establish engineering standards, reference architectures, and security patterns that scale across the enterprise.

• Partner with Infrastructure, Cloud, DevOps, Application Engineering, and Data teams to embed security in delivery lifecycles (secure-by-design, DevSecOps guardrails, infrastructure-as-code controls).
• Influence vendor selection and architecture decisions through security due diligence, technical evaluations, and risk-based recommendations.

• Serve as an escalation point for complex engineering issues and high-severity security events.
• Ensure incident response readiness from an engineering perspective (logging, containment controls, access controls, segmentation, recovery hardening).
• Drive post-incident remediation and control improvements with measurable outcomes.

• Regular and reliable attendance is required for the job.