Children's National Hospital
Lead Information Security Engineer
Children's National Hospital, Silver Spring, Maryland, United States, 20900
The Lead Information Security Engineer supports the InfoSec mission of securing the patient experience. This position oversees and manages the engineering and architecture of information security applications and systems to ensure compliance with Children's National Hospital IT standards. Individuals in this position will oversee the configuration, testing, monitoring, and troubleshooting of such systems to validate performance and functional requirements.
This position will also require the Lead Information Security Engineer to interface with various departments throughout Children's National Hospital and communicate at a level that the business can understand, explaining the CNH Security Posture and its significance. The Lead Information Security Engineer will be comfortable authoring documents and providing training on security architecture across the enterprise.
The ideal candidate will have extensive experience designing, deploying, and interacting with various Hospital departments, and supporting Palo Alto and Cisco firewalls and features at an enterprise, multicampus level. The candidate will possess the skills to discuss and present documented technical concepts and architecture with business stakeholders, evaluate enterprise technologies considering security and risk implications, and explain mitigating strategies.
Qualifications:Minimum EducationBachelor's Degree Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required)Minimum Work Experience
10 years 10+ years of experience in cybersecurity with a focus on engineering and implementation of cybersecurity controls, systems, and applications (Required)Required Skills/Knowledge
Experience leading in the application of key cybersecurity practices, controls, and frameworksExcellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiencesExperience leading the implementation of Cybersecurity applications and systems including network devices, firewalls, asset management tools, access management systems, and active directoryExperience leading in the application of systems engineering principles including requirements definition, system design, test planning and documentation, integration, and functional and operational testingExperience leading engineering practices related to performing operational tradeoffs in performance, functionality, cost, and efficiencyExperience leading performing test measurement and analysis of cybersecurity and IT systemsFunctional AccountabilitiesCybersecurity Engineering
Leads efforts involving the identification of cybersecurity system performanceOversees the operation, monitoring, and analysis of cybersecurity applications and systemsLeads the testing and deployment of cybersecurity systems including firewalls, network analysis tools, access management systems, and vulnerability management applicationsLeads response actions necessary to recover from system failuresLeads the curation of key reporting metrics associated with cybersecurity systems.Organizational AccountabilitiesOrganizational Accountabilities (Staff)Organizational Commitment/Identification
Anticipate and responds to customer needs; follows up until needs are metTeamwork/Communication
Demonstrate collaborative and respectful behaviorPartner with all team members to achieve goalsReceptive to others' ideas and opinionsPerformance Improvement/Problem-solving
Contribute to a positive work environmentDemonstrate flexibility and willingness to changeIdentify opportunities to improve clinical and administrative processesMake appropriate decisions, using sound judgmentCost Management/Financial Responsibility
Use resources efficientlySearch for less costly ways of doing thingsSafety
Speak up when team members appear to exhibit unsafe behavior or performanceContinuously validate and verify information needed for decision making or documentationStop in the face of uncertainty and takes time to resolve the situationDemonstrate accurate, clear and timely verbal and written communicationActively promote safety for patients, families, visitors and co-workersAttend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance
This position will also require the Lead Information Security Engineer to interface with various departments throughout Children's National Hospital and communicate at a level that the business can understand, explaining the CNH Security Posture and its significance. The Lead Information Security Engineer will be comfortable authoring documents and providing training on security architecture across the enterprise.
The ideal candidate will have extensive experience designing, deploying, and interacting with various Hospital departments, and supporting Palo Alto and Cisco firewalls and features at an enterprise, multicampus level. The candidate will possess the skills to discuss and present documented technical concepts and architecture with business stakeholders, evaluate enterprise technologies considering security and risk implications, and explain mitigating strategies.
Qualifications:Minimum EducationBachelor's Degree Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required)Minimum Work Experience
10 years 10+ years of experience in cybersecurity with a focus on engineering and implementation of cybersecurity controls, systems, and applications (Required)Required Skills/Knowledge
Experience leading in the application of key cybersecurity practices, controls, and frameworksExcellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiencesExperience leading the implementation of Cybersecurity applications and systems including network devices, firewalls, asset management tools, access management systems, and active directoryExperience leading in the application of systems engineering principles including requirements definition, system design, test planning and documentation, integration, and functional and operational testingExperience leading engineering practices related to performing operational tradeoffs in performance, functionality, cost, and efficiencyExperience leading performing test measurement and analysis of cybersecurity and IT systemsFunctional AccountabilitiesCybersecurity Engineering
Leads efforts involving the identification of cybersecurity system performanceOversees the operation, monitoring, and analysis of cybersecurity applications and systemsLeads the testing and deployment of cybersecurity systems including firewalls, network analysis tools, access management systems, and vulnerability management applicationsLeads response actions necessary to recover from system failuresLeads the curation of key reporting metrics associated with cybersecurity systems.Organizational AccountabilitiesOrganizational Accountabilities (Staff)Organizational Commitment/Identification
Anticipate and responds to customer needs; follows up until needs are metTeamwork/Communication
Demonstrate collaborative and respectful behaviorPartner with all team members to achieve goalsReceptive to others' ideas and opinionsPerformance Improvement/Problem-solving
Contribute to a positive work environmentDemonstrate flexibility and willingness to changeIdentify opportunities to improve clinical and administrative processesMake appropriate decisions, using sound judgmentCost Management/Financial Responsibility
Use resources efficientlySearch for less costly ways of doing thingsSafety
Speak up when team members appear to exhibit unsafe behavior or performanceContinuously validate and verify information needed for decision making or documentationStop in the face of uncertainty and takes time to resolve the situationDemonstrate accurate, clear and timely verbal and written communicationActively promote safety for patients, families, visitors and co-workersAttend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance