Welcome to the revolutionary new Stanford Hospital, opening in Fall 2019. Stanford Health Care (SHC) is no ordinary health system, and our new building is no ordinary hospital. You will be working in one of health care's best equipped, most innovative facilities, with the tools to deliver superb patient care. Five beautiful gardens, walking trails, a meditation room and abundant natural light make this the ideal environment for working and healing. You'll also be joining a renowned academic medical center that's part of Stanford Medicine and the Stanford University family. By combining clinical care, research and teaching, we're working together to harness the resources of one of the world's leading universities with groundbreaking programs—to create breakthroughs in diagnosis and treatment. Take this opportunity to work at the peak of your profession.
Job Summary This paragraph summarizes the general nature, level and purpose of the job.
The IT Security Engineer is responsible for analyzing and correlating information collected from a variety of sources to identify, investigate, and report vulnerabilities in the SHC environment. IT Security Engineers will additionally be responsible for assisting with resolution of identified security incidents, and coordinating with infrastructure and applications teams as required to achieve incident resolution. SHC is seeking candidates to fill multiple roles within its security organization, and as such candidates with strong backgrounds in any of forensics, vulnerability management, host or network-based intrusion detection/prevention, anti-virus/malware solution support, and data loss prevention are encouraged to apply.
Essential Functions The essential functions listed are typical examples of work performed by positions in this job classification. They are not designed to contain or be interpreted as a comprehensive inventory of all duties, tasks, and responsibilities. Employees may also perform other duties as assigned.
* Conduct research, analysis, and correlation across a wide variety of source data to identify and prevent compromise of SHC networks, host systems, and data, including: o Analyze network traffic and host data to identify anomalous activity and potential threats to SHC resources; o Establish alerting thresholds/triggers, analyze alerts from various sources within the enterprise, and determine possible causes and effects on SHC systems and data; o Validate intrusion detection system (IDS) alerts against network traffic and host data sources using to root out false positives; o Perform regular and ad-hoc vulnerability and malware scans to identify unauthorized access to SHC data systems and malicious code activity such as trojans, root kits, backdoors, bots, or malware. * Provide engineering support for security incidents and threats in the SHC environment, including: o Perform initial incident triage, determining scope, urgency, and potential impact of security incidents; o Respond to and resolve identified security incidents, maintaining contact with end users and the SHC service desk through resolution; o Perform forensic analysis on known security vulnerabilities and recommend risk mitigation procedures. * Perform trend analysis and reporting on security incidents, identify technical and procedural findings, and recommend remediation strategies or technical solutions. * Participate in IT security audits as required.
Equal Opportunity Employer Stanford Health Care (SHC) strongly values diversity and is committed to equal opportunity and non-discrimination in all of its policies and practices, including the area of employment. Accordingly, SHC does not discriminate against any person on the basis of race, color, sex, sexual orientation or gender identity and/or expression, religion, age, national or ethnic origin, political beliefs, marital status, medical condition, genetic information, veteran status, or disability, or the perception of any of the above. People of all genders, members of all racial and ethnic groups, people with disabilities, and veterans are encouraged to apply. Qualified applicants with criminal convictions will be considered after an individualized assessment of the conviction and the job requirements.
Education: Bachelor's Degree in Engineering, Computers Science, or related field, from an accredited college or university. Experience: Three (3) years of progressively responsible and directly related work experience. License/Certification: CISM, CISSP, or GIAC certification preferred.
Knowledge, Skills, and Abilities These are the observable and measurable attributes and skills required to perform successfully the essential functions of the job and are generally demonstrated through qualifying experience, education, or licensure/certification.
* Strong knowledge and experience with tools, platforms, and protocols such as: o TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services o Network security defense technologies such as IDS, IPS, Endpoint protection, DLP, NAC, Proxy, and WAF; o Unix, Linux, Apple, and Windows operating systems; o SCCM/SCOM; o Mobile platforms. * Strong knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth). * Ability to identify systemic security issues based on analysis of vulnerability and configuration data.