Principal Information Security Engineer

Mayo Clinic•Rochester, MN

4h•Hybrid

About The Position

The Principal Information Security Engineer in the Cybersecurity Operations Center provides leadership and senior level technical skills responsible for advancing the organization’s security operations, incident response capabilities, and overall security monitoring program maturity. Serves as an information security liaison, partnering closely with organizational units and stakeholders to provide deep subject matter expertise in security operations functions, incident response requirements, and responsible application of AI‑enabled security capabilities. Recognized as an expert in digital forensics and malware reverse engineering and plays a critical role during high‑impact cybersecurity incidents by advising and supporting incident handling activities, participation in an on‑call rotation for escalated and enterprise‑significant security events. Provides strong technical leadership to drive consistency and excellence across security operations through mentorship, training, and authoritative guidance. Drives program process improvements to ensure advanced analytics, automation, and artificial intelligence are leveraged to enhance detection, investigation, and response outcomes. Works closely with team members to provide technical decision‑making, complex problem solving, and cross‑team coordination to improve detection and response processes. Produce clear, actionable reporting, metrics, and investigative findings to support operational decision‑making, leadership visibility, and continuous improvement of security operations. Operates with a long‑term, systems‑level perspective, shaping how security capabilities are designed, implemented, and sustained, including the evaluation and integration of AI‑driven tools and techniques. Success in this role is measured by improved operational outcomes, reduced risk, increased response effectiveness, and the maturity and scalability of the organization’s security operations center and incident response practices. The Information Security Principal Engineer acts as an information security liaison to various business units and the Information Technology Department to provide direction, training, and guidance for OIS staff. The Information Security Principal Engineer is considered an expert, leader and mentor; identifying and resolving technology related information security gaps based on the organization’s risk posture. Specifically, the Information Security Principal Engineer is knowledgeable, proficient and experienced in: •Working with business partners across the organization to achieve organizational and OIS goals •Working collaboratively with team members and other leaders to develop and implement cybersecurity strategy based on industry best practice •Developing secure network and systems architecture •Analyzing technology security posture and appropriate use of security defenses •Matching technical solutions with business requirements and then designing and implementing them; •Software development, testing, support/problem solving, and overall technology administration; •Organizational procedures such as the system development lifecycle; •Use of defensive measures and information to identify, analyze and report security events; •Researching and understanding pertinent information technology laws, policies and procedures •Providing direct support for acquiring information security technology and applications •Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle •Collecting and analyzing information to identify vulnerabilities and potential for exploitation •Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content •Executing duties governing hardware, software, and information system acquisition programs and other program management policies

Requirements

Expertise in digital forensics and malware reverse engineering.
Knowledgeable, proficient and experienced in software development, testing, support/problem solving, and overall technology administration.
Knowledgeable, proficient and experienced in organizational procedures such as the system development lifecycle.
Knowledgeable, proficient and experienced in the use of defensive measures and information to identify, analyze and report security events.
Knowledgeable, proficient and experienced in researching and understanding pertinent information technology laws, policies and procedures.
Knowledgeable, proficient and experienced in applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle.
Knowledgeable, proficient and experienced in collecting and analyzing information to identify vulnerabilities and potential for exploitation.
Knowledgeable, proficient and experienced in managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Knowledgeable, proficient and experienced in executing duties governing hardware, software, and information system acquisition programs and other program management policies.

Nice To Haves

Incumbent must live within 100 miles of a Mayo Clinic campus.

Responsibilities

Provides leadership and senior level technical skills responsible for advancing the organization’s security operations, incident response capabilities, and overall security monitoring program maturity.
Serves as an information security liaison, partnering closely with organizational units and stakeholders to provide deep subject matter expertise in security operations functions, incident response requirements, and responsible application of AI‑enabled security capabilities.
Plays a critical role during high‑impact cybersecurity incidents by advising and supporting incident handling activities.
Participates in an on‑call rotation for escalated and enterprise‑significant security events.
Provides strong technical leadership to drive consistency and excellence across security operations through mentorship, training, and authoritative guidance.
Drives program process improvements to ensure advanced analytics, automation, and artificial intelligence are leveraged to enhance detection, investigation, and response outcomes.
Works closely with team members to provide technical decision‑making, complex problem solving, and cross‑team coordination to improve detection and response processes.
Produce clear, actionable reporting, metrics, and investigative findings to support operational decision‑making, leadership visibility, and continuous improvement of security operations.
Operates with a long‑term, systems‑level perspective, shaping how security capabilities are designed, implemented, and sustained, including the evaluation and integration of AI‑driven tools and techniques.
Acts as an information security liaison to various business units and the Information Technology Department to provide direction, training, and guidance for OIS staff.
Identifies and resolves technology related information security gaps based on the organization’s risk posture.
Works with business partners across the organization to achieve organizational and OIS goals.
Works collaboratively with team members and other leaders to develop and implement cybersecurity strategy based on industry best practice.
Develops secure network and systems architecture.
Analyzes technology security posture and appropriate use of security defenses.
Matches technical solutions with business requirements and then designs and implements them.
Provides direct support for acquiring information security technology and applications.
Applies IT-related laws and policies, and provides IT-related guidance throughout the software acquisition lifecycle.
Collects and analyzes information to identify vulnerabilities and potential for exploitation.
Manages and administers processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Executes duties governing hardware, software, and information system acquisition programs and other program management policies.