IT SECURITY ENGINEER

If you're ready to be part of our legacy of hope and innovation, we encourage you to take the first step and explore our current job openings. Your best is waiting to be discovered. 

This is a Stanford Health Care job.

A Brief Overview
The IT Security Engineer is responsible for analyzing and correlating information collected from a variety of sources to identify, investigate, and report vulnerabilities in the SHC environment. IT Security Engineers will additionally be responsible for assisting with resolution of identified security incidents, and coordinating with infrastructure and applications teams as required to achieve incident resolution.

Locations
Stanford Health Care

What you will do

• Conduct research, analysis, and correlation across a wide variety of source data to identify and prevent compromise of SHC networks, host systems, and data, including:
• Analyze network traffic and host data to identify anomalous activity and potential threats to SHC resources;
• Establish alerting thresholds/triggers, analyze alerts from various sources within the enterprise, and determine possible causes and effects on SHC systems and data;
• Validate intrusion detection system (IDS) alerts against network traffic and host data sources using to root out false positives;
• Perform regular and ad-hoc vulnerability and malware scans to identify unauthorized access to SHC data systems and malicious code activity such as trojans, root kits, backdoors, bots, or malware.
• Provide engineering support for security incidents and threats in the SHC environment, including:
• Perform initial incident triage, determining scope, urgency, and potential impact of security incidents;
• Respond to and resolve identified security incidents, maintaining contact with end users and the SHC service desk through resolution;
• Perform forensic analysis on known security vulnerabilities and recommend risk mitigation procedures.
• Perform trend analysis and reporting on security incidents, identify technical and procedural findings, and recommend remediation strategies or technical solutions.
• Participate in IT security audits as required.

Education Qualifications

• Bachelor’s degree in Engineering, Computers Science, or related field from an accredited college or university

Experience Qualifications

• Three (3) years of progressively responsible and directly related work experience

Required Knowledge, Skills and Abilities

• Strong knowledge and experience with tools, platforms, and protocols such as:
• TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services
• Network security defense technologies such as IDS, IPS, Endpoint protection, DLP, NAC, Proxy, and WAF
• Unix, Linux, Apple, and Windows operating systems
• SCCM/SCOM
• Mobile platforms
• Strong knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth)
• Ability to identify systemic security issues based on analysis of vulnerability and configuration data

Licenses and Certifications

• CISSP - Cert Information Systems Security Prof
• CISM, OR GIAC

These principles apply to ALL employees:

SHC Commitment to Providing an Exceptional Patient & Family Experience

Stanford Health Care sets a high standard for delivering value and an exceptional experience for our patients and families. Candidates for employment and existing employees must adopt and execute C-I-CARE standards for all of patients, families and towards each other. C-I-CARE is the foundation of Stanford’s patient-experience and represents a framework for patient-centered interactions. Simply put, we do what it takes to enable and empower patients and families to focus on health, healing and recovery.

You will do this by executing against our three experience pillars, from the patient and family’s perspective:

• Know Me: Anticipate my needs and status to deliver effective care
• Show Me the Way: Guide and prompt my actions to arrive at better outcomes and better health
• Coordinate for Me: Own the complexity of my care through coordination

Equal Opportunity Employer Stanford Health Care (SHC) strongly values diversity and is committed to equal opportunity and non-discrimination in all of its policies and practices, including the area of employment. Accordingly, SHC does not discriminate against any person on the basis of race, color, sex, sexual orientation or gender identity and/or expression, religion, age, national or ethnic origin, political beliefs, marital status, medical condition, genetic information, veteran status, or disability, or the perception of any of the above. People of all genders, members of all racial and ethnic groups, people with disabilities, and veterans are encouraged to apply. Qualified applicants with criminal convictions will be considered after an individualized assessment of the conviction and the job requirements.

The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to, internal equity, experience, education, specialty and training. This pay scale is not a promise of a particular wage.