Senior IT Security Engineer


  • Location: Oklahoma City, OK
  • Posted: May 22, 2019

Job Description


The Senior IT Security Engineer is responsible for assisting in the design, implementation, and support of various risk based activities and IT security technologies and solutions for OU Medicine, remote clinics, and office buildings. This position will manage data collection, reporting, and trending for all critical systems components and services, and will require collaboration with other technical resources in OU Medicine to assess and take authorized action on anticipated improvements. The IT Security Senior Engineer assists in the diagnosis and resolution of the most complex platform incidents and requests that require research and diagnosis, and recommends process changes that improve the implementation, maintenance, and support of systems security. This position actively participates in strategic planning and 24x7 on-call support with other members of IT staff.

The IT Security Senior Engineer assists security architect and leadership, coordination, and communication for projects involving security solutions. This includes, but may not be limited to, assisting in the design, implementation, and deployment of various security technologies within the enterprise. This position is responsible for defining scope of various projects, ensures that all deliverables are met, and adheres to and supports IT policies and procedures.

This position is responsible achieving alignment and continuity between enterprise, business and IT strategies, leveraging existing security investments and providing scalable options as business requirements necessitate a need for change. This requires the IT Security Senior Engineer to keep abreast of the latest security and risk management technologies, services, and components, actively facilitate communication between the business and IT, and provide coordination to a team of resources assigned to accomplish specific technical tasks.

Essential Responsibilities:

Responsibilities listed in this section are core to the position. Inability to perform these responsibilities with or without an accommodation may result in disqualification from the position.

Provides local leadership, subject matter knowledge, coordination, and communication for projects involving cyber security and information risk, including defining scope and ensuring deliverables are met.

Ensures alignment and continuity between enterprise, business and IT strategies.

Creates business case proposals, analysis of technologies, financials, and proposed project plans.

Creates RFPs, conduct, reviews/assessments, and make vendor recommendations.

Performs contract reviews and ensure risks are mitigated.

Assists in the design, implementation, monitoring and support of the hardware and software related to the cyber security and information risk program.

Assist and lead various security assessments and control reviews.

Identifies gaps to security protocol in existing architecture.

Provides security awareness training.

Participates in strategic planning; creation and maintenance of standards, policies, and procedures.

Manages data collection, reporting, and trending for critical risk and security devices and components.

Proactively addresses a change in business requirements by leveraging existing risk and security investments.

Provides 24x7 on-call support based on IT staff rotation and carries a phone as warranted, to assist with the most complex troubleshooting, coordination, escalation, and resolution of risk and security-based incidents, equipment failures, etc...

Assists in building of technology operational models and work flows for the business.

Assists in strategic contingency planning from a security and risk perspective.

Provides vendor management, service level definition and service level management for vendors of risk and security technologies and/or services.

Coordinates and participates in regular business meetings and workshops with technical staff to ensure timely transfer of knowledge, which affects security architecture and security policies.

Participates in meetings, committees and continuing education to improve individual, departmental and organizational performance.

Aids and trains users on proper use of technology.

Adheres to and supports OU Medicine IT standards, policies and procedures.

Maintains and protects confidentiality with regard to all aspects of patient care and employee information.

Adheres to Code of Conduct and Mission & Value Statement.

General Responsibilities:
Performs other duties as assigned

Qualifications

Minimum Qualifications:

Education: Bachelors degree in a computer science or information technology related subject is preferred.

Experience:

Six plus (6+) years experience with complex system and security technologies and / or 6+ information risk experience.
Candidate should have managed multiple high-risk projects, including projects involving external vendors and multiple business areas in the health care information field. Multiple entity experience is preferred.
Demonstrated expertise in creating and maintaining project deliverables such as project charter, project plan, status reports, project timesheets, estimates, communication plan, change control reporting, risk management plan, technical release management plan, budget (work hours and cost), milestone/deliverable charts.

Licensure/Certifications/Registrations Required:

CISSP or GSEC or CISM required or obtained within 1 year.
Current or previously held vendor, security, systems, architect, project, audit, or network certifications preferred examples include; Cisco security, Microsoft Security, CCNP, CCNA, MCSE, CISM, CISA, CEH etc.
Valid state drivers license, proof of auto insurance, and reliable personal transportation capable of transporting both employee and standard work equipment

Knowledge, Skills and Abilities:

Strong technical competencies in the following:

In depth knowledge of supported operating systems (Windows server and VMware ESX) network technology (Route, Switch, Firewall, VPN), utilities, vendor products, applicable programming languages and scripting, diagnostic techniques, applicable communications protocols, applicable hardware configurations

Must have 1 years experience in deploying technically complex infrastructure computing solutions across platforms and components.

Must have security regulation and security framework knowledge. Examples include, HIPAA, HITECH, HITRUST, NIST, ISO, and COBIT.

Must be able to demonstrate knowledge of the following topics: firewall management, content filtering, IDS/IPS management, DLP, Identity management, and cloud security management.

Ability to work with IT technical resources and understand their requirements is necessary.

Leadership skills to establish and maintain business relations with technical resources, customers, business partners, vendors, and other IT personnel

Change Management High tolerance for Change

Political Judgment Involves all relevant stakeholders in major decisions; Strong facilitation skills; Utilizes approaches that foster ownership and minimize resistance

Hands-on Approach Acts as a role model for other technical resources; maintains subject matter depth and breadth; knowledgeable of current issues

Makes decisions which are in the best interests of the business without succumbing to pressures

Is available and accessible; Maintains a positive attitude

Organization Proactively prioritizes needs; Effectively manages resources

Communication Communicates complicated technical scenarios in common terms; Communicates clearly across a wide audience (oral and written communications)

Customer Orientation - Establishes and maintains long-term customer relationships, builds trusts and is respected by consistently meeting or exceeding expectations

Motivate and challenge technical resources

Problem Management

Project Management

OU Medicine has a comprehensive benefits package, including PTO, 401(k), medical and dental plans, but our offerings go beyond traditional packages. We know that a total benefits and compensation package, designed to meet your specific needs and goals both inside and outside of the work environment, brings additional rewards that create peace of mind for you and your family.

Primary Location: United States-Oklahoma-Oklahoma City

Work Locations: OU Medical Center 700 NE 13th St. Oklahoma City 73104

Job: Other

Schedule: Regular

Shift: Standard

Job Type: Full-time

No Weekends

Job Posting: Apr 12, 2019, 1:26:22 PM

Employment Type


  • Full-time

OU Medicine

711 Stanton L Young Blvd
Oklahoma City, OK 73104

Phone: (405) 271-6035

Fax: (405) 271-6035

Web: http://www.oumedicine.com

More:

Apply Now