Job Description
Job Summary
This role is not a IT-focused Security Operations (SOC) threat monitoring, incident identification and investigation activity. This role will support the overall cyber response program, which is heavily focused on business response and fully integrated into the enterprise crisis management program. The Cyber Response Manager will be primarily responsible for day-to-day delivery of cyber response /crisis management program activities, including providing guidance and consultation to employees across the enterprise to ensure compliance. Support response to situations impacting Molina's data, people, property, or facilities. Assist in special projects and risk mitigation programs to strengthen organizational resiliency. Develop, communicate, and execute cyber crisis management plans and playbooks. Coordinate and lead cyber crisis management tabletops, process and procedure testing and corrective actions. Lead cross-functional crisis and incident management teams during an enterprise-wide cyber crisis. Conduct incident after action reviews to identify strengths, improvement opportunities and track corrective actions. Support the Cyber Crisis Enterprise strategy to ensure cyber incidents are well organized, executed and resolved.
Partners closely with IT Security, Business Continuity, Disaster Response, and the Protection Services Operations Center to ensure appropriate engagement and escalation protocols to support business and technology incidents. Coordinate with MHI, Health Plan, and Health Plan Services staff to consult on the design, development and deployment of scalable solutions, tools and capabilities that align to the company's goals and effectively address business objectives and requirements. Serves as the alternate enterprise crisis management interfacing with Molina's senior executive team and leading the organization through man-made or natural disasters.
Job Duties
Drive commitment, support, ownership, accountability and results for the enterprise Cyber Response, Incident Response and Crisis Management activities
Assist with cyber response program and process documentation including policies, procedures, frameworks, templates, and work instructions in support of the program and meeting regulatory requirements.
Conduct research and analysis to support programs and projects
Develop and conduct employee training to create awareness for areas of responsibility
Support enterprise threat and cyber crisis response activities including:
Incident notifications and situational updates
Employee emergency notifications
Threat monitoring and analysis. Notification of threat to appropriate stakeholders
Cyber Incident Response team meeting coordination and minutes
Support state-specific incident response leadership
Facilitate support for impacted business operations
Prepare comprehensive, timely, and detailed after-action reports
Analyze trends across incidents and exercises to recommend improvements that may not be apparent from looking at each incident or exercise in isolation.
Assist with documenting the standards, SOPs, Incident Response playbooks, escalation protocols, etc. to facilitate response capabilities
Validate, test, and identify gaps in strategies and communicating results to leadership
Reviews and provides input on select enterprise systems, tools, and services to ensure effective planning, testing and response capabilities including out of band options
Periodically test and ensure readiness of continuity tools, including tools for out-of-band notification or incident communications.
Establish and maintain communication with enterprise crisis management, incident response team, and state-specific response team members
Coordinate with Cyber Response Teams, CISO, Legal, Privacy, and Protection Services Operations Center to respond to and support cyber crisis situations
Develop, enhance, and improve enterprise crisis management, cyber response while supporting incident plans and state-specific response plans. Ensure annual plan compliance requirements are achieved
Implement processes, procedures and systems that will help ensure that the company's continuity capabilities remain in compliance with all laws, regulations, and best practices.
Assist in the evaluation, design and deployment of integrated systems and technology that support response, intelligence, service delivery and organizational strategy.
Maintain roster of cyber crisis management and incident response team members
Conduct annual training of all crisis management and incident response plans or as changes to each location team. Prepare comprehensive, timely, and detailed test reports
Maintain lessons learned and remediation tracker. Ensure items requiring remediation are resolved within a timely manner
Assist in development of metrics and measurements supporting program evolution, validation, and business awareness
Other duties as assigned by leadership
Job Qualifications
Required Education:
Bachelor's degree in an applicable field
Required Experience:
Minimum of 7 years operational experience across crisis management, resilience and cybersecurity incident response disciplines
5 years of corporate business experience in Cyber Response, Incident Response, Crisis management, Disaster Recovery, and Resilience.
Experience conducting risk assessments, business process or control auditing.
Strong documentation skills - detailed tracking, executive briefings, and reports, etc.
Practical understanding of technical/security concepts such as network architecture design, logical access controls, vulnerability management, encryption, and cloud computing.
Problem solving and analytical abilities including the ability to critically evaluate information gathered from multiple sources, reconcile conflicts, decompose high-level information into details and apply sound business knowledge.
Strong organizational, interpersonal, analytical, verbal, and written communication skills are essential.
Ability to build and maintain customer relationships; strong team player, able to meet deadlines and adjust to changing priorities.
Demonstrated focus on process development and implementation that spans organizational boundaries.
Self-starter with ability to work independently and to manage multiple tasks/projects in a disciplined and organized fashion while maintaining attention to detail.
Ability to work collaboratively with team members, some of which may be geographically distributed.
Power BI experience a plus
BC in the Cloud, Everbridge and Envoy platform/tool experience
Familiar with Kroll, CrowdStrike, or other forensics/cyber investigation providers
Required Licensure or Certification:
Required Knowledge, Skills, and Abilities:
A strong grasp and hands-on experience in cyber incident response, disaster response and crisis management
Understand cyber response and recovery stages and the fundamentals of incident response planning, testing, exercises
Situational awareness and responding to incidents that pose a threat to company, property, data, or people
Creation of metrics, reporting and analysis
Cyber trends - ransomware, malware, phishing, insider threat, etc.
ChatGPT and CoPilot-using AI for research
Familiarity with industry best practices and standards for cyber and crisis events
Project Management
Experience with industry standard tools and concepts. BC in the Cloud, Everbridge and Envoy platform/tool experience preferred
Preferred Qualifications:
BCI or DRII certification(s) a plus; Cyber certifications preferred CISA or CISSP
Master's degree preferred.
Travel Requirements:
Air Travel: 5-10%
Pay Range: $72,370.82 - $156,803.45 / ANNUAL
*Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.