Senior Information Security Operations Engineer

Sanford Health•Sioux Falls, SD

4d•$43 - $71

About The Position

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We’re proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint. Responsible for the technical and operational delivery of enterprise cybersecurity; focusing on the development and implementation of processes and tools that support Vulnerability Management threat prevention, threat hunting, vulnerability assessments, and incident response. Also responsible for minimizing identified threats and risks to the organization through collaboration with other Information Security and Sanford technological groups.

Requirements

Bachelor’s degree required, in lieu of education, leadership may consider an Associates degree plus 3 years of applicable experience in computer science, cyber security or an information technology related field.
Minimum of 4 years' experience working in Cyber Security required.
Strong working knowledge of the information security standards and procedures including HIPAA and PCI.

Nice To Haves

Project management exposure preferred (owning cross-team initiatives, roadmaps, and deliverables).
Advanced security training is desired.
Security Certifications are desired.

Responsibilities

Perform and coordinate, with other team members, real-time and forensic log and EDR monitoring and analysis to provide network, data, and asset security for Sanford Health.
Complete, configure, and tune vulnerability assessments and report results to application and asset owners.
Provide consulting services to owners relating to response activities.
Perform, lead, and coordinate on Incident Response activities including the collection, preservation, and interpretation of digital evidence.
Build, administer, and support the IS Vulnerability Management tools, processes, and services.
Identify and complete improvements and metrics to Vulnerability Management processes and services.
Manage the IS Vulnerability Management ticket queue.
Prioritize and complete tickets according to impact to Sanford Health business functions.
Provide security consulting services to other Sanford Health groups.
Mentor other Vulnerability Management team members on tools, processes, and Sanford Health areas.
Coordinate and participate in activities with other IT Security groups by providing aid and consulting when needed.
Lead day-to-day vulnerability operations (scan scheduling, authenticated coverage, agent health) and engineer improvements across tooling workflows.
Develop and mature the Vulnerability Management program: define SLAs, priorities, exception guardrails, and reporting; design playbooks for zero-day/KEV response.
Drive remediation campaigns with asset owners; convert findings into work items with clear scope, owners, and due dates; track to closure.
Partner with Technology Solutions teams to reduce exposure footprint (consult on configuration baselines, conditional access, system hardening).
Produce executive metrics and service reporting (exposure trends, SLA compliance, coverage, time-to-remediate).