IT Security Manager (49427)

Who We Are:

Platinum Dermatology Partners is a network of high-quality dermatology clinics that focus on collaborative and innovative ideas to drive growth. We offer general dermatology, cosmetic, medical, plastic surgery, and cancer screening treatments. We have over 145 clinics, over 350 providers, and more than 2300 employees in clinics across Texas, Arizona, California, Nevada, and Florida. We are a rapidly growing company that allows our doctors to focus on providing exceptional care without worrying about the operational side of the business. Our core values focus on collaboration, ownership, respect, excellence, authenticity, and integrity. Our purpose is to empower the practice of exceptional dermatology.

Company Conformance Statements:

In the performance of their respective tasks and duties, all employees are expected to conform to the following:

• Perform quality work within deadlines with or without direct supervision.
• Interact professionally with other employees, customers, and suppliers.
• Work effectively as a team contributor on all assignments.
• Work independently while understanding the necessity for communicating and coordinating work efforts with other employees and organizations.

Position Summary:

The IT Security Manager is a working leader responsible for directly operating, configuring, and securing the organization's cybersecurity infrastructure across a multi-site healthcare environment. This role is hands-on and execution focused, owning day to day security operations while building a scalable security program.

The ideal candidate has strong technical depth in XDR, MDR, SOC operations, SIEM administration, endpoint security, cloud security, and AI-enabled security tools. This individual will actively configure systems, investigate alerts, respond to incidents, and drive remediation efforts, not simply oversee them.

Key Responsibilities:

• Act as primary owner of SIEM, XDR, and MDR platforms
• Monitor and tune alerting thresholds to reduce noise and improve detection accuracy
• Investigate security alerts, perform root cause analysis, and lead incident responses
• Conduct threat hunting using MITRE ATT&CK framework methodologies
• Manage endpoint detection and response (EDR) tools across all locations
• Maintain vulnerability scanning programs and coordinate patch remediation

Incident Response & Risk Mitigation:

• Lead real-time incident triage and containment activities
• Develop and maintain incident response playbooks
• Coordinate forensic investigations and external cybersecurity partners when required
• Document all incidents and produce executive summaries

AI & Emerging Technology Security:

• Evaluate and secure AI tools used in clinical, revenue cycle, and operational workflows
• Assess data leakage risks associated with generative AI platforms
• Implement monitoring controls for AI-driven automation systems
• Participate in AI governance initiatives and enforce approved AI usage policies

Identity, Network & Cloud Security:

• Manage identity and access management (IAM), MFA enforcement, and privileged access controls
• Implement and maintain Zero Trust architecture principles
• Oversee firewall rules, email security, and endpoint hardening
• Secure Microsoft 365, Azure, AWS, or other cloud environments
• Conduct periodic access reviews and audit log monitoring

Compliance & Healthcare Security:

• Maintain HIPAA Security Rule safeguards (Administrative, Physical, Technical)
• Support internal and external audits
• Conduct periodic security risk assessments
• Manage Business Associate Agreement (BAA) security reviews

Security Engineering & Continuous Improvement:

• Implement security automation workflows
• Improve mean time to detect (MTTD) and mean time to respond (MTTR)
• Run phishing simulations and security awareness campaigns
• Develop metrics dashboards for executive reporting