IT Security Engineer
The IT Security Engineer identifies, investigates, resolves and develops processes, procedures and associated documentation relative to security of computer systems, networks and telecommunications along with addressing privacy, confidentiality and standards administration. The IT Security Engineer focuses on identity and access management aspects of information security and serves as a leader for managing all aspects of access control tools and identity management processes and technologies.
Responsibilities of the IT Security Engineer:
• Design, engineer, and ensure that security is "built into” the organizations application and IAM platforms
• Lead day to day operations of the IAM team
• Train and develop a team of skilled Information Security analysts and IAM team members.
• Design and develop access management solutions based on industry best practices.
• Act in the capacity as the most senior technical expert for all identity and access management technologies, tools, and processes.
• Contribute and maintain all processes and tools for identity and access management.
• Develop and manage technical processes for the provisioning and periodic review of access to systems
• Develop and direct IAM technical team in the investigation and resolution of complex privacy, security, and access management problems.
• Analyze performance of IAM applications and act to correct deficiencies
• Coordinate changes with members from IAM, Info Security, clinical teams and including Infrastructure teams Interact with UHs vendor and business partners to ensure the hospitals business and financial interests are represented appropriately.
• Follow the established change control processes, maintain and modify IAM web applications
• Research and mitigate significant risks associated with projects.
• Review, assess, study, and analyze the procedures and documentation relative to privacy and security issues.
• Prepare and maintain Information Security technology "roadmap" as it relates to identity and access management.
• Act as a member and subject matter expert for the Information Technology Incident Response Team.
• Work with Information Security Senior Management and healthcare system legal counsel relative to difficult privacy and security issues
• Work with Information Security Senior Management and other healthcare system personnel in conducting audits and tests of various security systems.
• Recommend and coordinate the use of consultants for specialized activities relative to health information privacy and security.
• Use a systematic approach for the identification and resolution of complex privacy and security issues.
• Coordinate and facilitate problem resolution sessions where multiple departments and/or service areas are involved.
• Effectively communicate and explain technology to non-technical people to encourage understanding and participation in technology planning.
• Build training and awareness plans around identity and access management tools and processes.
• Train and share knowledge within IAM team.
• Lead the staff operations of the IAM Information Security department.
• Address special projects as assigned
• Provide on call support for production and non-production issues.
• Proactively keep abreast of new technology trends and investment opportunities so that informed recommendations can be made in support of hospitals business needs.
• Conduct research into new technologies, including tools, components, and frameworks.
Requirements of the IT Security Engineer:
• Bachelor’s degree in Information Technology, Computer Science, or a related field
• 5 to 10 years of progressive experience in information security, information management, information systems, identity management, access control and/or risk management.
• Hands-on experience with the SailPoint IdentityIQ or similar identity Management products such as Microsoft Identity Management, Oracle
• Hands-on experience working with Oracle Directories (ODSEE, OUD and/or OID), Active Directory or similar LDAP technologies.
• Demonstrated experience with Linux/Unix, Windows, scripting (Bash, PowerShell, Perl), SQL, LDAP, and web services.
• Demonstrated experience leading and participating in troubleshooting, managing, and solving issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.
• Knowledge of LDAP and identity federation
• Experience with MFA and Single Sign On application support and application provisioning
• Excellent written, interpersonal and communication skills.
• Extensive knowledge of access management tools, processes and best practices
• Ability to effectively work with and coordinate the activities of outside consultants and auditors.
• Ability and skill to influence personnel through a matrix organization as opposed to line management authority. Ability to develop and lead teams toward stated objectives and goals.
• Interpersonal communication skills for working with personnel in sometimes difficulty or tense situations.
• Credentials, Licensure or Certification (i.e. RN, RRT): Microsoft Certified Solution Expert, CISSP (Certified Information Systems Security Specialist).
Submit resume to:
Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against based on race. color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information or any other consideration prohibited by law or contract.
Must be legally authorized to work in the US without sponsorship for employment visa status now or in the future.