This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This role will be that of a Senior Information Security Engineer. This person will lead our effort in enhancing and maturing our defensible architecture across our network and Cloud solutions.

• Assist Incident Response as needed and document improvements to processes and procedures.
• Primarily responsible for the creation of Standard Operating Procedures for SOC operations related to all Network Security solutions.
• Implement and operate security controls to minimize risk to physical and logical assets of the University of Chicago Medical Center.
• Ensure the confidentiality and integrity of UCMC sensitive information.
• Assist with core security activities of UCMC and lead many enhancement projects.
• Design and implement enterprise network security systems, security operations, threat analysis, log and event management, and network monitoring.

Qualifications

• BS or BA degree in Computer Science or other IT related field, or combination of education and work experience.
• 8 years of Information Security experience required, preferably at least 3 years in a Senior or Lead Engineering role.
• Minimum 5 years’ experience in cloud security engineering, focusing on Microsoft Azure.
• 5 years’ experience maintaining and designing Defense-in-Depth strategies for complex network architectures.
• Solid understanding of threat modeling, risk assessment, and Cloud Security best practices.
• In-depth knowledge of network routing and defensible architectures in Cloud environments, such as Azure, AWS or Google Cloud.
• In-depth knowledge of computing systems, data network communications, and network architecture.
• Effective written and verbal communication skills.
• Good working knowledge of the Plan, Build, Run model within an IT environment.
• Some scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
• Expert understanding of TCP/IP (OSI Layers 1–4) and Internet and Intranet technologies required (OSI Layers 5-7).
• Good knowledge of Windows and Linux Operating Systems.
• Good knowledge of vulnerability management, risk analysis, and forensics preferred.
• Experience with HIPAA, NIST, FERPA, and SOX preferred.

Requirements

• Design, deploy, and manage security solutions within Cloud environments (Azure experience preferred).
• Assist other security engineering and consulting needs as they arise.
• Implement cloud security controls and monitor compliance frameworks (Azure Security Center, Azure Policy, etc.).
• Collaborate with development, operations, and compliance teams to achieve security goals.
• Document security processes and procedures for all Cloud related monitoring and response personnel.
• Develop project plans and manage project teams for security related projects.
• Provide communications, including status reporting, risk management, escalation of issues, and ensure the project is delivered on budget, on schedule, and within scope.
• Other duties as assigned.

Benefits

UChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position.

• The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis.
• Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity.
• Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union.