Senior Information Security Engineer - Risk

Jobs via Dice

Rochester (MN)

Remote

USD 131,000 - 191,000

Full time

Yesterday
Job summary

A leading healthcare provider is seeking a Senior Information Security Engineer to oversee cybersecurity implementations at their facilities. Ideal candidates will have extensive knowledge in systems security, risk management, and will play a pivotal role in protecting data and mitigating threats in a highly collaborative environment.

Benefits

Medical benefits
Dental and vision coverage
Pre-tax savings options
Competitive retirement package

Qualifications

  • Master's or Bachelor's degree in relevant fields.
  • 2+ years in information security field required.
  • Experience in cybersecurity defense and detection preferred.

Responsibilities

  • Develop and implement cybersecurity solutions.
  • Analyze security posture and mitigate risks.
  • Manage detection tools and create use-cases in SIEM.

Skills

Cybersecurity
Risk Management
Systems Security
Incident Response
Technical Consulting
Data Analysis
Communication

Education

Master's degree
Bachelor's degree in Computer Science, Information Systems, Engineering or related major

Job description

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Mayo Clinic, is seeking the following. Apply via Dice today!

Job Description

The Information Security Senior Engineer is results oriented, multi-disciplined, and comfortable in implementing system security solutions in multi-vendor environments and acts as an information security liaison to various business units and the information technology department to assist with the security design, consultation, and technology implementation for various Mayo Clinic projects and initiatives.

The incumbent also assists system users relative to information systems security matters and undertakes complex projects requiring additional specialized technical knowledge. Specifically, the Information Security Senior Engineer is knowledgeable, proficient, and experienced in:

  • Working with business partners within the department to achieve organizational and OIS goals
  • Developing required competencies by mastering fundamental tasks
  • Independently analyzing technology security posture and appropriate use of security defenses
  • Matching technical solutions with business requirements and then designing and implementing them
  • Self-directed software development, testing, support/problem solving, and overall technology administration
  • Organizational procedures such as the system development life-cycle
  • Use of defensive measures and information to identify, analyze and report security events
  • Researching and understanding pertinent information technology laws, policies and procedures
  • Establishing timelines and delivery of requirements
  • Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle
  • Collecting and analyzing information to identify vulnerabilities and potential for exploitation
  • Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content
  • Executing duties governing hardware, software, and information system acquisition programs and other program management policies with minimal support

  • This position is primarily remote work. Individual may be required to provide onsite support based on business needs and must live within driving distance (70 miles) to the Mayo Clinic Rochester, MN, Jacksonville, FL, or Scottsdale, AZ campus. Preference is for candidates near Rochester, Minnesota.
  • This vacancy is not eligible for sponsorship / we will not sponsor or transfer visas for this position.

During the selection process, you may participate in an OnDemand (pre-recorded) interview that you can complete at your convenience. During the OnDemand interview, a question will appear on your screen, and you will have time to consider each question before responding. You will have the opportunity to re-record your answer to each question - Mayo Clinic will only see the final recording. The complete interview will be reviewed by a Mayo Clinic staff member and you will be notified of next steps.

Qualifications

Master's degree with one (1) year experience or Bachelor's degree in Computer Science, Information Systems, Engineering or related major and a minimum two (2) years' experience in the information security field required.

The Information Security Senior Engineer also requires the following skills/abilities:

  • Understands the use and efficacy of information security tools, server configurations and controls with the ability to install, configure, test and operate them.
  • Able to test, implement, deploy, maintain, review and administer the infrastructure hardware and software required to effectively secure the enterprise, protect data, identify and mitigate risks.
  • Ability to collect, process, preserve, analyze and present computer related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence or law enforcement investigations.
  • Provides advanced technical opinions/conclusions re. security tools, trends, and controls which are supported by documented evidence, based on multiple perspectives and leverage of a variety of resources.
  • Demonstrates a deep and broad knowledge of standard operating procedures, workflows and supporting technology across numerous critical user areas and an in-depth knowledge of multiple computing technologies either being actively used or of significant interest to Mayo; understands how systems fit into larger picture of technology at Mayo.
  • Capacity to work independently and willingness to seek advice/assistance.

Experience in cybersecurity defense and detection is preferred. Primary responsibilities include developing new detection use-cases, writing and tuning rules in the SIEM, and maintaining the detection content that security tools use to identify threats. Must be able to translate threat intelligence and attack TTPs (Tactics, Techniques, Procedures) into queries or signatures that can catch those behaviors in logs and telemetry. Continuously monitor and adjust existing detections to improve accuracy - analyzing alert outcomes to distinguish true threats from false alarms and updating rule logic accordingly. Work closely with SOC analysts to get feedback on alert quality and with threat intel or red teams to understand emerging threats and validate detections.

Highly desired:

  • Understanding of how logs are collected, parsed, and indexed, and how correlation engines work.
  • Able to work with various data sources (network logs, endpoint logs, cloud logs, etc.) and design correlation rules that combine these signals.
  • Understanding of threat intelligence reports and frameworks like MITRE ATT&CK to pinpoint tactics/techniques that require coverage.
  • Proficiency with the specific detection tools and their rule syntax
  • Coding/scripting ability (e.g. regex, Python, PowerShell, or SQL) to manipulate data and craft complex logic
  • Familiarity with log formats and data schemas is essential to define the right conditions (knowing which fields or event IDs indicate malicious activity)
  • Deep knowledge of security tools (Endpoint Detection & Response, IDS/IPS, firewalls, proxies, etc.) and types of logs/events they produce
  • Understanding of cloud audit logs (AWS CloudTrail, Azure logs) and how to detect threats in cloud environments
  • Familiarity with operating systems (Windows, Linux, macOS) and network protocols
  • Adept at setting up test scenarios and data to test and verify rule logic

Additional desired characteristics:

  • Collaborative skills for working across teams to generate the malicious behavior in a controlled environment
  • Attention to detail is key at this stage to observe subtle differences in logs and adjust accordingly if the rule isn't matching the expected patterns
  • Ability to iterate methodically is important: complex rules may go through multiple cycles of test and tune until performance is acceptable
  • Patience and thoroughness are key soft skills, since continuous improvement is vital for effective long-term detection
  • Change management, change control, version control (Git) and CI/CD pipelines
  • Process and procedure development

Licensure or Certification:

Must have one of the following certifications (or equivalent) at time of hire. In lieu of certification at time of hire, candidate must pass the exam within two years and complete the certification process once years of service requirements of the certifying body have been met.

  • CISSP
  • GSEC
  • CISM
  • OSCP
  • HCISPP

About Us

Why Mayo Clinic

Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans - to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.

Benefits Highlights

  • Medical: Multiple plan options.
  • Dental: Delta Dental or reimbursement account for flexible coverage.
  • Vision: Affordable plan with national network.
  • Pre-Tax Savings: HSA and FSAs for eligible expenses.
  • Retirement: Competitive retirement package to secure your future.

About The Team

Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is.

Equal Opportunity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law". Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Software Development
