Senior Information Security Operations Engineer

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We're proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.

Work Shift:
8 Hours - Day Shifts (United States of America)

Scheduled Weekly Hours:
40

Salary Range: $43.00 - $71.00

Union Position:
No

Department Details
Lead day-to-day vulnerability operations (scan scheduling, authenticated coverage, agent health) and engineer improvements across tooling workflows.

Develop and mature the Vulnerability Management program: define SLAs, priorities, exception guardrails, and reporting; design playbooks for zero-day/KEV response.

Drive remediation campaigns with asset owners; convert findings into work items with clear scope, owners, and due dates; track to closure.

Partner with Technology Solutions teams to reduce exposure footprint (consult on configuration baselines, conditional access, system hardening).

Produce executive metrics and service reporting (exposure trends, SLA compliance, coverage, time-to-remediate).

Project management exposure preferred (owning cross-team initiatives, roadmaps, and deliverables).

Summary
Responsible for the technical and operational delivery of enterprise cybersecurity; focusing on the development and implementation of processes and tools that support Security Operations' threat prevention, threat hunting, vulnerability assessments, and incident response. Also responsible for minimizing identified threats and risks to the organization through collaboration with other Information Security and Sanford technological groups.

Job Description
Perform and coordinate, with other team members, real-time and forensic log and EDR monitoring and analysis to provide network, data, and asset security for Sanford Health. Complete, configure, and tune vulnerability assessments and report results to application and asset owners. Provide consulting services to owners relating to response activities. Perform, lead, and coordinate on Incident Response activities including the collection, preservation, and interpretation of digital evidence.

Build, administer, and support the IS Security Operations tools, processes, and services. Identify and complete improvements and metrics to Security Operations processes and services. Manage the IS Security Operations ticket queue. Prioritize and complete tickets according to impact to Sanford Health business functions. Provide security consulting services to other Sanford Health groups.

Mentor other Security Operations team members on tools, processes, and Sanford Health areas. Coordinate and participate in activities with other IT Security groups by providing aid and consulting when needed. Works under limited guidance due to previous experience/breadth of knowledge of processes and organizational knowledge. Acts independently to determine methods and procedures on new assignments. Regularly presented with new assignments and projects that require the application of independent judgement/interpretation of policies/practices. Checks own work and the work of other team members.

Qualifications
Bachelor's degree required, in lieu of education, leadership may consider an Associates degree plus 3 years of applicable experience in computer science, cyber security or an information technology related field.

Minimum of 4 years' experience working in Cyber Security required. Advanced security training is desired. Strong working knowledge of the information security standards and procedures including HIPAA and PCI.

Security Certifications are desired.

Sanford is an EEO/AA Employer M/F/Disability/Vet.

If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1- or send an email to