IT Security Engineer - Identity and Access Management (IAM)
Company: OU Medical System
Location: Oklahoma City
Posted on: October 12, 2019
GENERAL DESCRIPTION: The IT Security Engineer is responsible for
assisting in the design, implementation, and support of various
risk based activities and IT security technologies and solutions
for OU Medicine, remote clinics, and office buildings. This
position will manage data collection, reporting, and trending for
all critical systems components and services, and will require
collaboration with other technical resources in OU Medicine to
assess and take authorized action on anticipated improvements. The
IT Security Engineer assists in the diagnosis and resolution of the
most complex platform incidents and requests that require research
and diagnosis, and recommends process changes that improve the
implementation, maintenance, and support of systems security. This
position actively participates in strategic planning and 24x7
on-call support with other members of IT staff.
The IT Security Engineer assists security engineering,
architecture, and leadership, coordination, and communication for
projects involving security solutions. This includes, but may not
be limited to, assisting in the design, implementation, and
deployment of various security technologies within the enterprise.
This position is responsible for defining scope of various
projects, ensures that all deliverables are met, and adheres to and
supports IT policies and procedures.
This position is responsible achieving alignment and continuity
between enterprise, business and IT strategies, leveraging existing
security investments and providing scalable options as business
requirements necessitate a need for change. This requires the IT
Security Engineer to keep abreast of the latest security and risk
management technologies, services, and components, actively
facilitate communication between the business and IT, and provide
coordination to a team of resources assigned to accomplish specific
Responsibilities listed in this section are core to the position.
Inability to perform these responsibilities with or without an
accommodation may result in disqualification from the position.
* Provide local leadership, subject matter knowledge, coordination,
and communication for projects involving cyber security and
information risk, including defining scope and ensuring
deliverables are met.
* Ensure alignment and continuity between enterprise, business and
* Create business case proposals, analysis of technologies,
financials, and proposed project plans.
* Create RFPs, conducts reviews/assessments, and make vendor
* Perform contract reviews and ensure risks are mitigated.
* Assist in the design, implementation, monitoring and support of
the hardware and software related to the cyber security and
information risk program.
* Assist and lead various security assessments and control
* Identify gaps to security protocol in existing architecture.
* Security awareness training.
* Participate in strategic planning; creation and maintenance of
standards, policies, and procedures.
* Manage data collection, reporting, and trending for critical risk
and security devices and components.
* Proactively address a change in business requirements by
leveraging existing risk and security investments.
* Provide 24x7 on-call support based on IT staff rotation and
carries a phone as warranted, to assist with the most complex
troubleshooting, coordination, escalation, and resolution of risk
and security-based incidents, equipment failures, etc...
* Assist in building of technology operational models and work
flows for the business.
* Assist in strategic contingency planning from a security and risk
* Provide vendor management, service level definition and service
level management for vendors of risk and security technologies
* Coordinate and participate in regular business meetings and
workshops with technical staff to ensure timely transfer of
knowledge, which affects security architecture and security
* Participate in meetings, committees and continuing education to
improve individual, departmental and organizational
* Aid and train users on proper use of technology.
* Adhere to and support OU Medicine IT standards, policies and
* Maintain and protect confidentiality with regard to all aspects
of patient care and employee information.
* Adheres to Code of Conduct and Mission & Value Statement.
* Performs other duties as assigned
EDUCATION: Bachelor s degree in a computer science or information
technology related subject is preferred.
EXPERIENCE: Four plus (4+) years experience with complex system and
security technologies and / or 4+ information risk experience.
Candidate should have managed multiple high-risk projects,
including projects involving external vendors and multiple business
areas in the health care information field. Multiple entity
experience is preferred. Demonstrated expertise in creating and
maintaining project deliverables such as project charter, project
plan, status reports, project timesheets, estimates, communication
plan, change control reporting, risk management plan, technical
release management plan, budget (work hours and cost),
LICENSURE/CERTIFICATIONS/REGISTRATIONS REQUIRED: CISSP or GSEC or
CISM preferred or obtained within 2 years. Current or previously
held vendor, security, systems, architect, project, audit, or
network certifications preferred examples include; Cisco security,
Microsoft Security, CCNP, CCNA, MCSE, CISM, CISA, CEH etc. Valid
state driver s license, proof of auto insurance, and reliable
personal transportation capable of transporting both employee and
standard work equipment
KNOWLEDGE, SKILLS AND ABILITIES:
Strong technical competencies in the following:
* Knowledge of supported operating systems (Windows server and
VMware ESX) network technology (Route, Switch, Firewall, VPN),
utilities, vendor products, applicable programming languages and
scripting, diagnostic techniques, applicable communications
protocols, applicable hardware configurations
* Must have some experience in deploying technically complex
infrastructure computing solutions across platforms and
* Must have security regulation and security framework knowledge.
Examples include, HIPAA, HITECH, HITRUST, NIST, ISO, and COBIT.
* Must be able to demonstrate knowledge of the following topics:
firewall management, content filtering, IDS/IPS management, DLP,
Identity management, and cloud security management.
* Ability to work with IT technical resources and understand their
requirements is necessary.
Equal employment opportunities are provided to all employees and
applicants for employment without regard to race, color, religion,
gender, national origin, age, disability, sexual orientation,
gender identity, genetic information or protected veteran status in
accordance with applicable federal laws. This policy applies to all
terms and conditions of employment, including, but not limited to,
hiring, placement, promotion, termination, layoff, transfer, leaves
of absence, compensation, and training. Reasonable accommodations
are made to the known physical and mental limitations of qualified
individuals with disabilities.
Keywords: OU Medical System, Oklahoma City , IT Security Engineer - Identity and Access Management (IAM), Executive , Oklahoma City, Oklahoma
Didn't find what you're looking for? Search again!