Sr IT Security Engineer
Remote - USA, United States
Full Time Senior-level / Expert USD 120K - 160K
Stanford Health Care
If you're ready to be part of our legacy of hope and innovation, we encourage you to take the first step and explore our current job openings. Your best is waiting to be discovered.
Day - 08 Hour (United States of America)
This is a Stanford Health Care job.
As a Sr IT Security Engineer, your primary responsibilities include implementing network segmentation strategies for campus environments using Cisco Identity Services Engine (ISE) to ensure proper access control and security measures. You will also utilize Network Admission Control (NAC) technology to enforce security policies and control device access. Additionally, you will be collaborating closely with Device owners, IT, Cybersecurity, and Network Operations teams to ensure seamless integration of these network segmentation solutions. You will be expected to stay updated on the latest security trends and best practices to effectively manage and secure our network infrastructure.
A Brief Overview
The Senior IT Security Engineer is responsible for leading the development of a robust IT security program designed to protect SHC assets from vulnerabilities and malicious activity, software, and code. Senior IT Security Engineers will additionally be responsible for analyzing and correlating information collected from a variety of sources to identify, investigate, and report vulnerabilities in the SHC environment, developing and implementing mitigation countermeasures for identified and potential threats, and leading the resolution of identified security incidents.
Locations
Stanford Health Care
What you will do
- Document, maintain, and implement standards, policies, and procedures within security disciplines that may include vulnerability management, forensics, host and network-based intrusion detection, anti-virus/malware management, or data loss prevention.
- Conduct research, analysis, and correlation across a wide variety of source data to identify and prevent compromise of SHC networks, host systems, and data, including:
o Analyze network traffic and host data to identify anomalous activity and potential threats to SHC resources;
o Establish alerting thresholds/triggers, analyze alerts from various sources within the enterprise, and determine possible causes and effects on SHC systems and data;
o Validate intrusion detection system (IDS) alerts against network traffic and host data sources to root out false positives;
o Perform regular and ad-hoc vulnerability and malware scans to identify unauthorized access to SHC data systems and malicious code activity such as trojans, root kits, backdoors, bots, or malware.
- Provide level 3 engineering support for security incidents and threats in the SHC environment, including:
o Perform initial incident triage, determining scope, urgency, and potential impact of security incidents;
o Respond to and resolve identified security incidents, maintaining contact with end users and the SHC service desk through resolution.
o Coordinate with network, data center, desktop, and application support teams as required to validate alerts, ensure incident resolution, and perform root cause analysis;
o Perform incident escalation to the appropriate SHC stakeholders as required.
o Perform forensic analysis on known security vulnerabilities and recommend risk mitigation procedures.
- Provide technical consultation and direction on application design, architecture, and system performance as it relates to security.
- Perform trend analysis and reporting on security incidents, identify technical and procedural findings, and recommend remediation strategies or technical solutions.
- Participate in IT security audits as required.
Education Qualifications
- Bachelor’s Degree in Engineering, Computer Science, or related field from an accredited college or university.
Experience Qualifications
- Five (5) years of progressively responsible and directly related work experience.
Required Knowledge, Skills and Abilities
- Strong knowledge and experience with tools, platforms, and protocols such as:
o TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services
o Network security defense technologies such as IDS, IPS, Endpoint protection, DLP, NAC, Proxy, and WAF;
o Unix, Linux, Apple, and Windows operating systems;
o SCCM/SCOM;
o Mobile platforms.
- Strong knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth).
- Ability to identify systemic security issues based on analysis of vulnerability and configuration data.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code).
Licenses and Certifications
- CISSP - Cert Information Systems Security Prof
- CISM, OR GIAC
These principles apply to ALL employees:
SHC Commitment to Providing an Exceptional Patient & Family Experience
Stanford Health Care sets a high standard for delivering value and an exceptional experience for our patients and families. Candidates for employment and existing employees must adopt and execute C-I-CARE standards for all patients, families, and towards each other. C-I-CARE is the foundation of Stanford’s patient experience and represents a framework for patient-centered interactions. Simply put, we do what it takes to enable and empower patients and families to focus on health, healing and recovery.
You will do this by executing against our three experience pillars, from the patient and family’s perspective:
- Know Me: Anticipate my needs and status to deliver effective care
- Show Me the Way: Guide and prompt my actions to arrive at better outcomes and better health
- Coordinate for Me: Own the complexity of my care through coordination
Equal Opportunity Employer
Stanford Health Care (SHC) strongly values diversity and is committed to equal opportunity and non-discrimination in all of its policies and practices, including the area of employment. Accordingly, SHC does not discriminate against any person on the basis of race, color, sex, sexual orientation or gender identity and/or expression, religion, age, national or ethnic origin, political beliefs, marital status, medical condition, genetic information, veteran status, or disability, or the perception of any of the above. People of all genders, members of all racial and ethnic groups, people with disabilities, and veterans are encouraged to apply. Qualified applicants with criminal convictions will be considered after an individualized assessment of the conviction and the job requirements.
Base Pay Scale: Generally starting at $60.92 - $80.73 per hour
The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to, internal equity, experience, education, specialty and training. This pay scale is not a promise of a particular wage.
Tags: Application security Audits C CERT CISM CISSP DNS Forensics GIAC IDS Intrusion detection IPS Linux Malware NetOps Network security Scripting SQL TCP/IP UNIX Vulnerabilities Vulnerability management Windows XSS
Perks/benefits: Equity / stock options