Senior Information Security Engineer

Mayo Clinic•Rochester, MN

20h

About The Position

The Senior SOC Engineer is an integral part of the organization’s cybersecurity operations ensuring that security incidents are detected and responded to promptly and effectively. Responsible for identifying and analyzing security threats and incidents. Utilizes various tools and techniques to detect malicious activities and respond to them swiftly to mitigate potential damage. Consists of gathering, analyzing, and interpreting threat intelligence data to anticipate and prevent security breaches. Keeps abreast of the latest cyber threat landscape and integrates intelligence into SOC operations. Accurate documentation and reporting of security incidents are essential for developing strategies to prevent future occurrences. Prepares detailed reports on incidents and the responses taken. Works closely with other departments, such as IT, compliance, and risk management, to ensure integrated security measures are in place. Provides training and mentorship to junior analysts, enhancing their skills and knowledge in cybersecurity. Stays current with emerging threats, attack techniques, and AI/ML advancements in cybersecurity. The Information Security Senior Engineer is results oriented, multi-disciplined, and comfortable in implementing system security solutions in multi-vendor environments and acts as an information security liaison to various business units and the information technology department to assist with the security design, consultation, and technology implementation for various Mayo Clinic projects and initiatives. The incumbent also assists system users relative to information systems security matters and undertakes complex projects requiring additional specialized technical knowledge. Specifically, the Information Security Senior Engineer is knowledgeable, proficient, and experienced in: • Working with business partners within the department to achieve organizational and OIS goals • Developing required competencies by mastering fundamental tasks • Independently analyzing technology security posture and appropriate use of security defenses • Matching technical solutions with business requirements and then designing and implementing them; • Self-directed software development, testing, support/problem solving, and overall technology administration; • Organizational procedures such as the system development life-cycle; • Use of defensive measures and information to identify, analyze and report security events; • Researching and understanding pertinent information technology laws, policies and procedures • Establishing timelines and delivery of requirements • Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle • Collecting and analyzing information to identify vulnerabilities and potential for exploitation • Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content • Executing duties governing hardware, software, and information system acquisition programs and other program management policies with minimal support Mayo Clinic will not sponsor or transfer visas for this position including F1 OPT STEM.

Requirements

Results oriented, multi-disciplined.
Knowledgeable, proficient, and experienced in working with business partners within the department to achieve organizational and OIS goals.
Knowledgeable, proficient, and experienced in developing required competencies by mastering fundamental tasks.
Knowledgeable, proficient, and experienced in independently analyzing technology security posture and appropriate use of security defenses.
Knowledgeable, proficient, and experienced in matching technical solutions with business requirements and then designing and implementing them.
Knowledgeable, proficient, and experienced in self-directed software development, testing, support/problem solving, and overall technology administration.
Knowledgeable, proficient, and experienced in organizational procedures such as the system development life-cycle.
Knowledgeable, proficient, and experienced in the use of defensive measures and information to identify, analyze and report security events.
Knowledgeable, proficient, and experienced in researching and understanding pertinent information technology laws, policies and procedures.
Knowledgeable, proficient, and experienced in establishing timelines and delivery of requirements.
Knowledgeable, proficient, and experienced in applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle.
Knowledgeable, proficient, and experienced in collecting and analyzing information to identify vulnerabilities and potential for exploitation.
Knowledgeable, proficient, and experienced in managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Knowledgeable, proficient, and experienced in executing duties governing hardware, software, and information system acquisition programs and other program management policies with minimal support.

Responsibilities

Identifying and analyzing security threats and incidents.
Utilizing various tools and techniques to detect malicious activities and respond to them swiftly to mitigate potential damage.
Gathering, analyzing, and interpreting threat intelligence data to anticipate and prevent security breaches.
Keeping abreast of the latest cyber threat landscape and integrating intelligence into SOC operations.
Accurate documentation and reporting of security incidents.
Preparing detailed reports on incidents and the responses taken.
Working closely with other departments, such as IT, compliance, and risk management, to ensure integrated security measures are in place.
Providing training and mentorship to junior analysts, enhancing their skills and knowledge in cybersecurity.
Staying current with emerging threats, attack techniques, and AI/ML advancements in cybersecurity.
Implementing system security solutions in multi-vendor environments.
Acting as an information security liaison to various business units and the information technology department to assist with the security design, consultation, and technology implementation for various Mayo Clinic projects and initiatives.
Assisting system users relative to information systems security matters.
Undertaking complex projects requiring additional specialized technical knowledge.
Working with business partners within the department to achieve organizational and OIS goals.
Developing required competencies by mastering fundamental tasks.
Independently analyzing technology security posture and appropriate use of security defenses.
Matching technical solutions with business requirements and then designing and implementing them.
Self-directed software development, testing, support/problem solving, and overall technology administration.
Adhering to organizational procedures such as the system development life-cycle.
Using defensive measures and information to identify, analyze and report security events.
Researching and understanding pertinent information technology laws, policies and procedures.
Establishing timelines and delivery of requirements.
Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle.
Collecting and analyzing information to identify vulnerabilities and potential for exploitation.
Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
Executing duties governing hardware, software, and information system acquisition programs and other program management policies with minimal support.