Information Security Engineer

Position Title:
Information Security Engineer

Department:
IT Information Security

Job Description:

This position may be performed remotely from the following locations within the United States of America: Arkansas, Colorado, Florida, Georgia, Indiana, Kansas, Louisiana, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, North Carolina, Ohio, Oklahoma, South Carolina, Tennessee, Texas, Utah, Vermont, Virginia, West Virginia, and Wisconsin.

The Security Engineer II will be responsible for implementing, maintaining, and optimizing security solutions. This role requires in-depth technical knowledge of security and IT systems, participation in advanced projects, and the ability to work with senior engineers on complex initiatives. The Security Engineer II will assist in implementation of critical security functions as well as provide guidance to other engineers. This position actively participates in strategic planning and provides 24x7 on-call support with other members of the security engineering staff.

Essential Responsibilities

Responsibilities listed in this section are core to the position. Inability to perform these responsibilities with or without an accommodation may result in disqualification from the position.

• Deploy, implement, document and maintain security solutions.
• Resolve complex security engineering-related tickets in ServiceNow, ensuring timely resolution and adherence to SLAs.
• Develop and maintain comprehensive process documentation.
• Lead or provide support for security-related projects and initiatives from a technical perspective.
• Identify and implement opportunities for process improvement and automation within the security engineering framework.
• Support the building of technology operational models and workflows for the business.
• Collaborate with IT teams and business units to ensure proper access controls and integration with other systems.
• Actively pursue opportunities to fill knowledge gaps in new technologies, helping the team stay updated with industry trends.
• Provide vendor management, service level definition, and management for security technologies.
• Provide feedback on, or assist in creating, business case proposals, analysis of technologies, and project plans.
• Perform contract reviews and ensure risks are mitigated.
• Assist in security awareness training related to security.
• Support strategic contingency planning from a security perspective.
• Mentor other engineers and analysts, providing guidance on complex security issues.
• Participate in regular business meetings and workshops to ensure knowledge transfer.
• Provide 24x7 on-call support based on security engineering staff rotation.
• Adhere to and support OU Health IT standards, policies, and procedures.
• Maintain and protect confidentiality regarding all aspects of patient care and employee information.

General Responsibilities

• Performs other duties as assigned.

Minimum Qualifications

Education Requirements: Bachelor's Degree required.

Experience Requirements:

• 3-5 years of experience in Security Engineering required.
• Experience with various security services and tools, I.e. network protocols, firewalls, IDS/IPS, SIEM, logging, Active Directory, DLP, etc.
• Experience implementing SSO and understanding of concepts such as least privilege.
• Experience in managing multiple high-risk projects, including those involving external vendors.

License/Certification/Registration Requirements:

• One or more advanced security certifications are required or must be obtained within 36 months from the hire date. Desired certifications include CCSP, CISM, GSEC.
• Other security or IT certifications are highly desirable, such as CEH, CHFI, CISA, CISM, CRISC, CCNA

Knowledge/Skills/Abilities Required:

• Strong knowledge of cloud services and methodologies.
• Understanding of SSO, MFA, PAM, least privilege concepts.
• Intermediate to advanced knowledge of supported operating systems (Windows server and VMware ESX) network technology (Route, Switch, Firewall, VPN), utilities, vendor products, diagnostic techniques, applicable communications protocols, applicable hardware configurations, vulnerability management
• Strong knowledge of applicable programming languages, and scripting.
• Strong knowledge of security regulation and security framework. Examples include CIA triad, HIPAA, HITECH, HITRUST, NIST, ISO, and COBIT
• Strong technical problem-solving skills with strong attention to detail.
• Excellent communication, leadership, and teamwork skills.
• Demonstrated ability to lead technical projects and mentor other team members.
• Experience in identifying and leading the implementation of process improvements and automation solutions within security.
• Leadership skills to establish and maintain business relations with technical resources, customers, business partners, vendors, and other IT personnel.

#dice

Current OU Health Employees - Please click HERE to login.

OU Health is an equal opportunity employer. We offer a comprehensive benefits package, including PTO, 401(k), medical and dental plans, and many more. We know that a total benefits and compensation package, designed to meet your specific needs both inside and outside of the work environment, create peace of mind for you and your family.