Information Security Engineer - IS Mod

The Office of Information Security's Email-Endpoint-PKI Security Team is seeking an Information Security Engineer with a background in endpoint security infrastructure, tools and solutions. This role will collaborate with a team of security engineers to modernize and support Mayo Clinic's endpoint security infrastructure and practices, working collaboratively across the IT and Risk departments to ensure a safe, compliant, and resilient endpoint environment in support of the Information Security Modernization Program for Endpoint Protection. The Information Security Engineer is results oriented, multi-disciplined, and comfortable working with senior engineering staff and management to implement system security solution in multi-vendor environments and acts as an information security liaison to various business units and the information technology department to assist with the security design, consultation, and technology implementation for various Mayo Clinic projects and initiatives. The incumbent also assists system users relative to information systems security matters and undertakes moderately complex projects requiring additional specialized technical knowledge. Specifically, the engineer is knowledgeable, becoming proficient, and experienced in:

• Working with business partners within the department to achieve organizational and OIS goals
• Developing required competencies by mastering fundamental tasks
• Analyzing technology security posture and appropriate use of security defenses
• Matching technical solutions with business requirements and then participating in their design and implementation;
• Software development, testing, support/problem solving, and overall technology administration;
• Organizational procedures such as the system development lifecycle;
• Use of defensive measures and information to identify, analyze and report security events;
• Researching and understanding pertinent information technology laws, policies and procedures
• Establishing timelines and delivery of requirements
• Applying IT-related laws and policies, and providing IT-related guidance throughout the software acquisition lifecycle
• Collecting and analyzing information to identify vulnerabilities and potential for exploitation
• Managing and administering processes and tools that enable the organization to identify, document, and access intellectual capital and information content
• Executing duties governing hardware, software, and information system acquisition programs and other program management policies with support Mayo Clinic will not sponsor or transfer visas for this position including

F1 OPT STEM.

Note that this position is Hybrid, which requires that the selected applicant lives within 100 miles of a main Mayo Clinic site for periodic on-campus work. Additionally, on-call rotation participation is required. Master's Degree or a Bachelor's degree in Computer Science, Information Systems, Engineering or related major and a minimum one (1) year experience in the information security field required, OR Associates degree and two (2) years' experience in the information security field.

The Information Security Engineer also requires the following skills/abilities.

• Understands the use and efficacy of information security tools, server configurations and controls with the ability to install, configure, test and operate them.
• Able to test, implement, deploy, maintain, review and administer the infrastructure hardware and software required to effectively secure the enterprise, protect data, identify and mitigate risks
• Ability to collect, process, preserve, analyze and present computer related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence or law enforcement investigations.
• Provides technical opinions/conclusions re. security tools, trends, and controls which are supported by documented evidence, based on multiple perspectives and leverage of a variety of resources
• Demonstrates knowledge of standard operating procedures, workflows and supporting technology across numerous critical user areas and an in-depth knowledge of multiple computing technologies either being actively used or of significant interest to Mayo; understands how systems fit into larger picture of technology at Mayo.
• Capacity to work independently and willingness to seek advice/assistance. Must have one of the following certifications (or equivalent) at time of hire. In lieu of certification at time of hire, candidate must pass the exam within two years, and complete the certification process once years of service requirements of the certifying body have been met.
• CISSP
• GSEC
• CISM
• HCISPP
• OSCP