We are more than a health system. We are a belief system. We believe wellness and sickness are both part of a lifelong partnership, and that everyone could use an expert guide. We work hard, care deeply and reach further to help people uncover their own power to be healthy. We inspire hope. We learn, grow, and achieve more – in our careers and in our communities.

Job Description Summary:

Reports to Cyber Security Functional Leader and will have no direct reports.

Senior Cyber Security Engineer serves as the primary security expert within their respective Cyber

Security specialty, with deep knowledge to apply in the implementation of applications and technology. 

Senior Cyber Security Engineer works closely with the business analysts, architects, vendor partners, and other teams across the IT organization to secure complex applications and services.

Provides technical expertise by designing and enforcing security controls for the application or service architecture which safeguards the integrity and security of the application environment in alliance with architects and other tech leads.

In addition, the incumbent will conduct design reviews, analyze results, and make a recommendation to deliver quality products.   

Minimum Qualifications:

Bachelor's Degree

• Degree, or equivalent experience
• Field of Study/Experience: Computer Science, Information Systems, Mathematics, or Engineering
• Years of Experience: 5+ years in network and data security.
• Expertise in network design, infrastructure, switching and routing, architecture, and security tools.
• Fundamental understanding of Cybersecurity across all disciplines.
• Excellent debugging, troubleshooting, and analytical skills.
• Lead design reviews and daily/weekly meetings
• Lead implementation of Cybersecurity controls

SPECIALIZED KNOWLEDGE

• Knowledge of IT service management (ITSM) and Information Technology Infrastructure Library (ITIL)
• Understanding of system development life cycle methodologies (such as waterfall, spiral, agile software development, rapid prototyping, incremental, synchronize and stabilize, and DevOps)
• Knowledge of IT standards and controls
• Knowledge of Next Generation Firewalls, Intrusion Prevention Systems, IPsec VPNs, Decryption (MiTM), Cloud Access Security Brokers, SASE solutions, WAF and DDoS protections, Forward and Reverse Proxies, Network Access Control Systems, Radius authentication, SDWAN, and Wlan security
• Understanding of information principles and processes
• Design and assess security controls for cloud, systems, networks, and data controls.
• Assess system and application security threats and vulnerabilities.
• Deep knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
• Deep understanding of encryption methods and standards
• Thorough understanding of security standards including HIPAA, CIS, NIST, PCI DSS, and HITRUST
• Knowledge of Microsoft Azure Infrastructure as a Service (IaaS) network security design and architecture
• Architect and implement security controls to secure company acquisitions.

DESIRED ATTRIBUTES

• Is adaptable to new technology
• Forward-thinking, with ability to be strategic when looking at future technology
• Possesses a continuous-learner mindset
• Ability to estimate the financial impact of technology alternatives
• Ability to quickly comprehend the functions and capabilities of existing, new, and emerging technologies that enable and drive new business designs and models
• Demonstrated ability to work well with others and be respected as a leader
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)

RESPONSIBILITIES AND DUTIES

20% Security Expertise - Serves as the deep technical expert for cyber security principles spanning network, application, system, cloud, and end point use cases.  Applies security knowledge to identify and assess risk, develop create and secure solutions to protect enterprise data and systems.  Adapts to new and emerging technologies. 
15% Leads Initiatives - Guides their teams through technical issues and challenges. Leads technology change to deliver security and secure business outcomes while also virtually leveraging subject matter experts from any other needed technical area.  Oversees, or consults on, technology implementation and modification activities (for example, projects and products), particularly for new or shared solutions.
10% Collaboration - Works with architects, Business Analysts, Product Owners, and peers providing technical expertise by integrating security controls to ensure the security and integrity of the application environment.  Reviews and provides security input into architectural designs and requirements.
10% Technical Documentation - Creates, reviews, and approves technical documentation for applications supported and providing specifications for vendors
10% Research and Analysis - Analyzes, plans, justifies, schedules, and coordinates the implementation and maintenance of the specialty area’s administrative, operational, and financial initiatives including TCO, optimization, and efficiency
25% Technology Strategy - Leads the development of technology strategy and roadmap within a given area of specialty including design, documentation, communication, and implementation of new or existing standards for infrastructure technologies while remaining current on industry trends
10% Vendor Management - Works with 3rd party vendors to negotiate contracts and develop reporting metrics, dashboards, and status reporting to drive outcomes and meet expectations for quality and performance"

Work Shift:

Day

Scheduled Weekly Hours :

40

Department

Information Security

Join us!
... if your passion is to work in a caring environment
... if you believe that learning is a life-long process
... if you strive for excellence and want to be among the best in the healthcare industry

Equal Employment Opportunity

OhioHealth is an equal opportunity employer and fully supports and maintains compliance with all state, federal, and local regulations. OhioHealth does not discriminate against associates or applicants because of race, color, genetic information, religion, sex, sexual orientation, gender identity or expression, age, ancestry, national origin, veteran status, military status, pregnancy, disability, marital status, familial status, or other characteristics protected by law. Equal employment is extended to all person in all aspects of the associate-employer relationship including recruitment, hiring, training, promotion, transfer, compensation, discipline, reduction in staff, termination, assignment of benefits, and any other term or condition of employment 

Remote Work Disclaimer:

Positions marked as remote are only eligible for work from Ohio.