Senior Security Engineer

Position Purpose

The Sr. Security Engineer is a senior-level employee who, under the direction of the Chief Information Security Officer (CISO), is responsible for designing, building, testing and implementing security solutions within the Renown IT network. The Sr. Security Engineer is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products.

The Sr. Security Engineer must be able to plan, analyze, design, configure, test, implement, maintain and support Renown’s computer and network security infrastructure in a manner that is responsive to changes in regulations and risk. This requires knowing the business – a comprehensive awareness of its technology and information needs – which is used to develop and test security structures to protect its systems.

The Sr. Security Engineer duties include, but are not limited to:

•Design, build and implement enterprise-class security systems

•Align security standards and frameworks with overall business and technology strategy

•Identify and communicate current and emerging security threats

•Design security architecture elements to mitigate threats as they emerge

•Create solutions that balance business requirements with information and cyber security requirements

•Identify security design gaps in existing and proposed architectures and recommend changes or enhancements

•Act as the liaison between Information Security and the IT Architects

•Train users in implementation or conversion of security systems

Nature and Scope

1. Contributes to the enterprise’s security software architecture strategy including the integration of components across multiple environments and platforms (e.g., cloud, on premise, co-location).

2. Optimizes the delivery of security software at the enterprise level to realize an integrated (business/technology) strategy.

3. Ensures that IT architectural decisions are consistent with Information Security policies and standards.

4. Demonstrates the level of alignment between strategic goals and key technology decisions in accordance with the Information Security Roadmap.

5. Applies a structured approach and methodology for capturing the key information protection views of the business and IT in the context of the enterprise.

6. Enumerates, analyzes, catalogs, and suggests improvements to the strategic, core, and support security services of the enterprise, as needed, to meet strategic and operational goals.

7. Evaluates and presents information that will facilitate effective and timely decision-making through written and oral communication that effectively summarizes findings with recommendations.

8. Creates process models/flows that show technical integration points between security systems, platforms and solutions.

9. Scans, evaluates, selects, and integrates new security technologies and toolsets.

10. Understands, advocates, and supports the enterprise’s information security technology strategies.

11. Analyzes the current technology environment to detect deficiencies and recommends solutions for the improved uses of information security technology.

12. Integrates security requirements, workflow, and logical processes with the platforms and services and interfaces between diverse systems.

13. Participates in the recruitment and selection of certain high-level technical information security staff, develops and oversees training programs in tools and methodologies for development teams, and leads or manages special project teams as assigned.

This position does not provide patient care.

Disclaimer

The foregoing description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job.

Minimum Qualifications Requirements - Required and/or Preferred

Name

Description

Education:

Must have working-level knowledge of the English language, including reading, writing and speaking English. Bachelor’s degree in CS/EE Degree or equivalent work experience required or similar field is required.

Experience:

Five years’ experience with:

• Designing and implementing security solutions, including continuous monitoring and making improvements to those solutions.

• Consulting and engineering in the design, development and implementation of security best practices.

• Strong technology research skillset with proven ability to architect and present technology alternatives based on scope-level business concepts.

• The security considerations of cloud computing.

• National Institute of Standards & Technology Cyber Security Framework (NIST CSF).

License(s):

N/A

Certification(s):

Preferred Certified Information Security Systems Professional (CISSP), Information Systems, Systems Security Certified Practitioner (SSCP), Certified Information Systems Manager (CISM), Certified Information Systems Auditor (CISA), or Information Systems Security Engineering Professional.

Computer / Typing:

Professional:

Must be proficient with Microsoft Office Suite, including Outlook, PowerPoint, Excel and Word and have the ability to use the computer to complete online learning requirements for job-specific competencies, access online forms and policies, complete online benefits enrollment, etc.