Essential Responsibilities

Responsibilities listed in this section are core to the position. Inability to perform these responsibilities with or without an accommodation may result in disqualification from the position.

• Deploy, implement, document, and maintain security solutions.

• Resolve security engineering-related tickets in ServiceNow, ensuring timely resolution and adherence to SLAs.

• Develop and maintain comprehensive process documentation.

• Provide knowledge, coordination, and communication for security engineering projects.

• Identify and implement opportunities for process improvement and automation within the security engineering framework.

• Support the building of technology operational models and workflows for the business.

• Collaborate with IT teams and business units to ensure proper access controls and integration with other systems.

• Provide vendor management, service level definition, and management for security engineering technologies.

• Provide feedback on business case proposals, analysis of technologies, and project plans.

• Assist in security awareness training related to engineering.

• Support strategic contingency planning from a security perspective.

• Participate in regular business meetings and workshops to ensure knowledge transfer.

• Provide 24x7 on-call support based on security engineering staff rotation.

• Adhere to and support OU Health IT standards, policies, and procedures.

• Maintain and protect confidentiality regarding all aspects of patient care and employee information.

General Responsibilities

• Performs other duties as assigned.

Minimum Qualifications

Education Requirements: Bachelor’s Degree required.

Experience Requirements:

• 0-3 years of experience in Security Engineering required.

• Experience with various security services and tools, I.e. network protocols, firewalls, IDS/IPS, SIEM, logging, Active Directory, DLP, etc.

• Experience in managing multiple high-risk projects, including those involving external vendors.

License/Certification/Registration Requirements:

• One or more advanced security certifications are required or must be obtained within 36 months from the hire date. Desired certifications include CCSP, CISM, GSEC.

• Other security or IT certifications are highly desirable, such as CEH, CHFI, CISA, CISM, CRISC, CCNA

Knowledge/Skills/Abilities Required:

• Knowledge of cloud services and methodologies is preferred.

• Understanding of SSO, MFA, PAM, least privilege concepts.

• Knowledge of supported operating systems (Windows server and VMware ESX) network technology (Route, Switch, Firewall, VPN), utilities, vendor products, diagnostic techniques, applicable communications protocols, applicable hardware configurations, vulnerability management

• Knowledge of applicable programming languages, and scripting.

• Must have security regulation and security framework knowledge. Examples include CIA triad, HIPAA, HITECH, HITRUST, NIST, ISO, and COBIT

• Strong technical problem-solving skills with strong attention to detail.

• Excellent communication, leadership, and teamwork skills.

• Ability to implement process improvements and automation solutions within security.

• Leadership skills to establish and maintain business relations with technical resources, customers, business partners, vendors, and other IT personnel.