Principal Systems Engineer IAM / Application Security

Overview

CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services, CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources, CommonSpirit is committed to building healthy communities, advocating for those who are poor and vulnerable, and innovating how and where healing can happen both inside our hospitals and out in the community.

Responsibilities

This is a remote position.

CommonSpirit Health is seeking a Cybersecurity Principal Engineer to be part of the Enterprise Cybersecurity Architecture team. This position will be one of the lead technical authorities for all Cybersecurity protections, with a concentration on Identity Management or Application Security. Responsible for monitoring the threat landscape and changing business requirements to identify functional, technological, and/or control solutions. Defining integration of Cybersecurity controls in an optimal manner to best protect the organization from cyber threats and exposures. Assist technological solution owners with technology selection based on business requirements, required controls, and emerging threats. Oversees the design, development, and implementation of solutions while optimizing solutions to resolve highly complex technical and business issues related to cybersecurity and identity management. Designs and develops solutions to successfully integrate new information security and identity management systems with the existing architecture.

Will be involved in multiple concurrent initiatives as part of Information Technology and Cybersecurity teams. Acts as a subject matter expert (SME) for one or more cybersecurity, IDM, or risk management areas. Mentors other engineers and teams as a leader in the organization.

• Designs and develops solutions to resolve complex technical and business issues related to information security across multiple functions.
• Reviews and consults on cybersecurity of technology solutions to resolve complex technical and business issues.
• Leads design and development to integrate new solutions within the existing or newly defined architecture.
• Serves as SME for multiple technical solutions.
• Provide technical assessments of risk associated with new or existing internal and external cloud-based solutions.
• Lead security efforts for integration of infrastructure and business solutions associated with cloud environments, including providing cloud expertise in the assessment of cloud provider Request For Information (RFI) and Requests for Proposal (RFP).
• Analyze solution designs for alignment to CommonSpirit Health Cybersecurity Policy and Standards, best practices, and security frameworks e.g. National Institute of Standards and Technology (NIST), The Open Group Architecture Framework (TOGAF), CIS Critical Security Controls, International Organization for Standardization (ISO).
• Assess currently deployed environments; provide requirements or recommendations to the design or configurations to address security risk.
• Provide technical guidance/support in troubleshooting security-related issues escalated to Cybersecurity.
• Provide security technical guidance to IAM and/or application security design and configurations. Coordinates with technical teams and business owners’ security solutions to resolve highly complex technical and business issues.
• Works on multiple functions of high complexity with business owners, project management teams, and multiple IT technical resources.
• Perform other duties as required.

Qualifications

• Bachelors Preferred
• 2 or more relevant technical/professional security certifications such as Certified Information Systems Security Professional (CISSP), Governance, Risk and Compliance Professional (GRCP), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM) are preferred.
• 7+ years of related job experience required, of which a minimum of 5 years in Security Architecture function.
• Experienced in security architecture of multiple identity management platforms and/or application security.
• Proficient in security assessment in Unix, Network, Cloud, Application, and End User/Mobile devices.
• Proficiency in at least one or more scripting languages like PowerShell, Python.
• Working base knowledge cloud formation automation like Terraform.
• Demonstrated experience in working in a high-paced multi-tasking environment.
• Strong analytical and problem-solving skills with the ability to function as a change agent.
• Strong interpersonal skills and extremely resourceful.
• Strong skills with intermediate to advanced level expertise with Excel and PowerPoint or equivalents.

#LI-Remote

#LI-CSH