Lead Information Security System Engineer

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We’re proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.

Work Shift:

Day (United States of America)

Scheduled Weekly Hours:

40 Salary Range: $43.00 - $71.00Pay starts at $43 and increases according to years of applicable experience.

Union Position:

No

Department Details

The Lead Information Security Systems Engineer – Identity Infrastructure and Directory Services is a technical and strategic leader responsible for overseeing the organization’s enterprise identity systems. This role provides subject matter expertise in Active Directory, identity lifecycle management, authentication protocols, and access control technologies. The position drives continuous improvement in the security, scalability, and reliability of identity services and acts as a key liaison between security, infrastructure, application, and business teams.

The ideal candidate is hands-on, detail-oriented, and experienced in designing, implementing, and optimizing identity infrastructure across complex hybrid (on-premises and cloud) environments.

Key Responsibilities:
• Lead the design, implementation, and optimization of enterprise identity infrastructure, including Active Directory, SSO, MFA, and certificate services.
• Direct and mentor team members on directory services operations, identity governance, authentication protocols, and access management frameworks.
• Collaborate across teams to ensure seamless integration of identity systems with enterprise applications and cloud platforms
• Drive initiatives for passwordless authentication, conditional access, Zero Trust adoption, and identity-based segmentation strategies.
• Develop and maintain KPIs, dashboards, and reporting to measure system health, service availability, and identity risk posture.
• Build and maintain key vendor relationships, ensuring product alignment with organizational goals, timely support, and ongoing value through licensing, features, and strategic direction.

Summary

Responsible for leading and coordinating the day-to-day operations responsible for identifying, evaluating, implementing, troubleshooting, and maintaining technical security controls for the organization. Acts independently to assign tasks to team members and provide direction to implement controls that are designed to prevent, detect, and contain security threats; enabling Sanford to be productive while maintaining a secure environment that optimizes Sanford’s return on investment.

Job Description

Oversee the building, configuring, and maintaining of cybersecurity systems to ensure our operational environments stay compliant and secure. Lead the implementation of security controls using industry best practices across numerous technologies including, but not limited to Active Directory, identity and access management platforms (SSO and MFA), certificate lifecycle management systems, authentication and authorization frameworks, and Zero Trust security architectures. Oversee the maintenance of existing security systems including implementing new features, performing upgrades, and managing technical configurations/policies across a variety of business-critical systems. Direct the monitoring and responding to security system health alerts. Provide security consulting services to other Sanford health groups.

Provide expertise to a 24x7 team of dedicated security engineers focused on maintaining operational stability while reducing risk. Build and maintain key vendor and supplier relationships. Manage strategic project initiatives ensuring the processes and procedures are well defined and documented. Mentor others within the team on tools, processes, and the Sanford Health organization. Assist with the identification and maintenance of metrics for Security Engineering processes and services. Oversee writing and maintenance of documentation that can be used by all team members and other employees.

Works under limited guidance due to previous experience/breadth of knowledge of processes and organizational knowledge. Acts independently to determine methods and procedures on new assignments. Regularly presented with new assignments and projects that require the application of independent judgement and interpretation of policies and practices. Consistently checks the work of other team members and provides performance feedback. Assist Security Engineering Manager with the following: Adherence with Sanford Health policies and procedures is maintained by the Engineering team (e.g., timecards are submitted on time, etc.), prioritize work to all team members, assign team members to projects based on experience, workload, and growth opportunities, and ensures deadlines for projects are met.

Qualifications

Bachelor’s degree in cyber security or an information technology related field. Master's degree preferred.

Minimum of 5 years experience working in Cyber Security field.

Security Certifications (CISSP, CISA, CISM, Security+, CEH, etc.) are highly desired

Sanford is an EEO/AA Employer M/F/Disability/Vet.

If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to talent@sanfordhealth.org.