Breakthrough

Seeking a highly skilled and experienced Information Security Senior Engineer to lead the administration, optimization, and advanced support of our security validation platform. Under general supervision and guidance, will be responsible for the full lifecycle management of the security validation platform – from strategic planning, selection, and implementation to ongoing maintenance and advanced troubleshooting of moderately complex systems software and hardware. Will actively monitor, analyze, and respond to technical problems, leveraging sophisticated testing tools to ensure the continuous efficacy of our security controls against evolving threats. This role requires significant contributions to system capacity management, evaluation of new security technologies, and the ability to drive consensus across diverse stakeholder groups within Mayo Clinic's large and complex environment.

The Information Security Senior Engineer is results oriented, multi-disciplined, and comfortable in implementing system security solutions in multi-vendor environments and acts as an information security liaison to various business units and the information technology department to assist with the security design, consultation, and technology implementation for various Mayo Clinic projects and initiatives.

The incumbent also assists system users relative to information systems security matters and undertakes complex projects requiring additional specialized technical knowledge. Specifically, the Information Security Senior Engineer is knowledgeable, proficient, and experienced in:

• Working with business partners within the department to achieve organizational and OIS goals
• Developing required competencies by mastering fundamental tasks
• Independently analyzing technology security posture and appropriate use of security defenses
• Matching technical solutions with business requirements and then designing and implementing them;
• Self-directed software development, testing, support/problem solving, and overall technology administration;
• Organizational procedures such as the system development life-cycle;
• Use of defensive measures and information to identify, analyze and report security events;
• Researching and understanding pertinent information technology laws, policies and procedures
• Establishing timelines and delivery of requirements
• Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle
• Collecting and analyzing information to identify vulnerabilities and potential for exploitation
• Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content
• Executing duties governing hardware, software, and information system acquisition programs and other program management policies with minimal support

*This position is a 100% remote work. Individual may live anywhere in the US.
**This vacancy is not eligible for sponsorship / we will not sponsor or transfer visas for this position.
During the selection process, you may participate in an OnDemand (pre-recorded) interview that you can complete at your convenience. During the OnDemand interview, a question will appear on your screen, and you will have time to consider each question before responding. You will have the opportunity to re-record your answer to each question - Mayo Clinic will only see the final recording. The complete interview will be reviewed by a Mayo Clinic staff member and you will be notified of next steps.

Master’s degree with one (1) year experience or Bachelor’s degree in Computer Science, Information Systems, Engineering or related major and a minimum two (2) years’ experience in the information security field required.

The Information Security Senior Engineer also requires the following skills/abilities.
• Understands the use and efficacy of information security tools, server configurations and controls with the ability to install, configure, test and operate them.
• Able to test, implement, deploy, maintain, review and administer the infrastructure hardware and software required to effectively secure the enterprise, protect data, identify and mitigate risks
• Ability to collect, process, preserve, analyze and present computer related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence or law enforcement investigations.
• Provides advanced technical opinions/conclusions re. security tools, trends, and controls which are supported by documented evidence, based on multiple perspectives and leverage of a variety of resources
• Demonstrates a deep and broad knowledge of standard operating procedures, workflows and supporting technology across numerous critical user areas and an in-depth knowledge of multiple computing technologies either being actively used or of significant interest to Mayo; understands how systems fit into larger picture of technology at Mayo.
• Capacity to work independently and willingness to seek advice/assistance.

Additional Qualifications (preferred):

• Demonstrated expertise operating within a large enterprise infrastructure environment (knowledge of Mayo Clinic’s IT environment is beneficial but not required)
• Experience with cloud platforms (GCP, Azure, AWS)
• Demonstrated experience managing multiple operating systems, including configuration, internals, and maintenance processes (Linux/Unix, Windows Server)
• Proficiency with virtualized environments (VMware, Hyper-V)
• In-depth knowledge of network topologies and protocols 
• Strong proficiency in scripting for system administration (Python, PowerShell, Bash)
• Integration with third party web API frameworks (e.g. REST)
• Knowledge of system design principles, software development methodologies, and project management methodologies
• Understanding of MITRE ATT&CK framework and adversary tactics, techniques, and procedures (TTPs)
• Knowledge of various security controls (EDR, DLP, SIEM, WAF, IDS/IPS, network segmentation, proxy) and how they integrate
• Knowledge of vulnerability management, penetration testing concepts, and risk assessment methodologies within an enterprise context
• Problem-solving, troubleshooting & critical thinking
• Demonstrated ability to multi-task, prioritize issues appropriately, and take responsibility and accountability for managing work with little or no direct supervision
• Exceptional analytical and troubleshooting skills for complex technical issues
• Understanding of how logs are collected, parsed, and indexed, and how correlation engines work
• Able to work with various data sources (network logs, endpoint logs, cloud logs, etc.) and design correlation rules that combine these signals
• Collaborate with other teams to generate the malicious behavior in a controlled environment
• Change management, change control, version control (Git) and CI/CD pipelines 
• Process and procedure development

Licensure or Certification
Must have one of the following certifications (or equivalent) at time of hire. In lieu of certification at time of hire, candidate must pass the exam within two years and complete the certification process once years of service requirements of the certifying body have been met.
• CISSP
• GSEC
• CISM
• OSCP
• HCISPP