Breakthrough

The senior information security engineer serves in a security researcher role and is a hands-on representative of the Mayo Clinic Office of Information Security (OIS) team.  While some automated tools will be leveraged, the role requires hands-on experience with a variety of tools to emulate attacker tactics, techniques, and procedures (TTPs).  A candidate must possess a solid understanding of information security, preferably with a strong computer science or engineering background and professional experience.  They must understand applications, networking, and various operating systems along with tools and frameworks.  Candidates must also maintain a high level of rigor to stay up to date with advancements in technology while also retaining knowledge of older systems and applications that may still be in use in the enterprise. 

A candidate for this position must be results oriented, multi-disciplined, and comfortable working with engineering staff, architecture staff, and management to discover vulnerabilities in existing services, infrastructure, and applications across the enterprise before our adversaries do. They also act as an information security liaison to various business units and the information technology department to recommend ways to address security concerns present in moderately complex Mayo Clinic services and systems.

The essential job duties for a senior information security engineer are:

• Work with business partners within the department to achieve organizational and OIS goals
• Apply technical expertise in penetration testing, vulnerability research, red teaming, code auditing, and reverse engineering to perform in-depth security assessments of IT infrastructure (on-prem and cloud), medical devices, and various types of software (including web and mobile applications)
• Identify, understand, and explain the root cause of technical security vulnerabilities and clearly report steps to reproduce a vulnerability
• Develop and recommend technical strategies to mitigate or remediate identified vulnerabilities to asset owners
• Regularly research and learn new TTPs in public and closed forums, and work with teammates to assess risk and implement and validate controls as necessary
• Develop and maintain tools and scripts used in penetration-testing and red team processes
• Support purple team exercises designed to build strength across the cybersecurity operations center, threat hunting, and red team
• Train offensive and defensive colleagues on new TTPs and mentor junior teammates
• Occasionally attend and participate in risk assessment or policy discussion meetings
• Undertake complex projects requiring specialized technical knowledge
• Perform other security-related duties or enhancements as assigned
• Establish timelines and delivery of requirements.

This vacancy is not eligible for sponsorship/ we will not sponsor or transfer visas for this position. Also, Mayo Clinic DOES NOT participate in the F-1 STEM OPT extension program.

The Senior Information Security Engineer requires the following skills and abilities:

• Strong written and verbal skills
• Professional, focused, penetration testing experience
• Good understanding of at least three operating systems (Microsoft Windows, GNU/Linux, Android, macOS, or iOS)
• Advanced experience with security tools, including Metasploit Framework, Burp Suite, Frida, Wireshark, and Responder
• Provide security recommendations about cryptographic implementations
• Understands system-level concepts
• Understands OWASP, NIST CVSS, and the software development lifecycle (SDLC).
• Experience in at least one programming language (Rust, Go, Java, .NET, C or C++) or one scripting language (Python, PHP, Ruby)
• Experience in testing at least one of the following:
  • cloud infrastructures (AWS, GCP)
  • mobile applications (iOS and Android)
• Have an astute attention to detail
• Highly organized and efficient
• Demonstrates a deep and broad knowledge of standard operating procedures, workflows and supporting technology across numerous critical user areas and an in-depth knowledge of multiple computing technologies either being actively used or of significant interest to Mayo; understands how systems fit into larger picture of technology at Mayo
• Capacity to work remotely, independently, and be willing to seek advice/assistance

Good to have:

• Experience in secure systems architecture designs
• Experience in reverse engineering (x86, x64, ARM32, ARM64 architectures), and familiarity with relevant tools (IDA Pro or Ghidra)
• Experience with hardware security testing

Minimum Education and/or Experience Required:

Master’s degree with one (3) years of experience or bachelor’s degree in computer science, Information Systems, Engineering or related major and a minimum two (5) years’ experience in the information security field required.

Licensure/Certification Required: Must have one of the following certifications (or equivalent) at time of hire. In lieu of certification at time of hire, candidate must pass the exam within two years and complete the certification process once years of service requirements of the certifying body have been met.

• OSCP – Preferred certification
• CISSP
• GIAC Certification (GPEN preferred)