Principal Cybersecurity Engineer – Cloud Security

at Fairview Health Services
Published November 21, 2022
Location Minneapolis, MN
Category Default  
Job Type Full-time  

Description

**Overview**

M Health Fairvew is seeking a Principal Cybersecurity Engineer to join our IT team!

Principal Cybersecurity Engineer - Cloud Security is responsible to provide technical leadership to design, build, deploy and support complex Cyber Security and Risk management tools and help drive Cybersecurity maturity for M Health Fairview. Successful candidate will be principal subject matter and domain expert in one or more Cybersecurity functional areas - such as Cloud Migration, Cloud Security, DevOps Engineering, Cloud Security Access Broker, API Security, AWS/GCP/Azure cloud workload migration, instance provisioning/de-provisioning, automation of roles. Principal Engineer will lead Engineers, analysts, subject matter experts and collaborate with multiple technical and business teams to design and build usable, stable and scalable solutions.

To find out more about what benefits we offer at Fairview, including medical, dental insurance, PTO, 401k/403b, clickhere! (https://www.fairview.org/careers/benefits/noncontract)

**Responsibilities**

+ As a principal subject matter expert, successful candidate will be responsible to lead engineering of usable, stable, automated and secure solutions including but not limited to AWS Cloud, Azure Cloud, SecDevOps, Cloud Access Brokers, API Gateways, operational support

+ Oversee design, build, customization and configuration of variety of Cybersecurity tools allowing versatile integrations including applications via standard API and support on-premise and/or cloud hosted applications.

+ Be technical thought leader to help modernize and transform legacy IT and business systems and provide technical guidance to other teams to securely systems helping minimize risk for M Health Fairview.

+ Help improve policies, procedures, standards for Cybersecurity groups and develop blueprint for modernizing existing security tools and technologies to meet evolving busines needs.

+ Collaborate with Enterprise Architecture and Security Architects, principal engineers to brainstorm, design and develop frameworks complying with NIST CSF standards.

+ Proactively find opportunities to improve knowledge and technical expertise in multiple Cybersecurity areas.

+ Provide technical leadership in driving Zero Trust Security approach and preparing the organization and technical teams to build up on foundational elements of Identity, Devices, Networks, Applications and Data.

+ Apply understanding of various domains of security including authentication, authorization, network security, data, system device and Operating Systems, coding principles, development methodologies, web/mobile applications, use of public and private networks, devices and applications hosted in public/private/hybrid cloud environments

+ Analyze risk and prioritization of vulnerability remediation using MITRE ATT&CK within the greater context of assets and the control stack

+ Lead collaboration work with vendors, health and business partners to ensure security remediation milestones are being met

+ Lead technical and risk management groups to identify and remediate gaps including tool/technology deficiencies

+ Lead RED/BLUE/PURPLE teams as needed to test security controls and help improve security posture of M Health Fairview.

+ Lead complex projects related to Cybersecurity Engineering, automation, risk management, compliance and threat management areas.

+ Foster a culture of improvement, efficiency gains and innovative thinking. Coach and mentor team members as needed. Adapt and embrace change and demonstrate flexibility in taking up and fulfilling other duties as assigned.

+ Participate and lead/represent M Health Fairview in industry forums and relevant technical briefings to understand advancements in Cybersecurity and Risk Management areas.

+ Partner with DevOps and engineering leadership to help build cloud security automation into their pipelines

+ Ensure that production platform in AWS/Azure have been hardened as per industry standards e.g. CIS benchmarks

+ Deploy security tools with cloud workloads and integrate into cloud SIEM solutions

+ Stay current with the latest cloud threat mitigation tools and techniques

+ Collaborate with senior management and department leaders to assess near- and long-term cloud security needs

**Qualifications**

**Required**

**Education**

+ Bachelor's degree in Computer Science, Computer Engineering, Technology Information Systems, Engineering or related technical discipline or combination of relevant experience/education.

**Experience**

+ 15+ years of cumulative experience in architecture, design, customization/ development and/or support of IT Systems

+ 7+ years of experience in customization, deployment and support of Cybersecurity tools and technologies

+ Excellent understanding of fundamentals of IT systems, frameworks, development methodologies, network, firewalls, communication layers, devices/end points, computing environment

+ Deeper understanding of Threats, Threat Modeling, Security Vulnerabilities, Risk, Cybersecurity frameworks, policies and Cybersecurity standards

+ Experience working designing and/or engineering Web, Mobile, Cloud hosted Applications, software security, security frameworks

+ Ability to author and edit scripts such as PowerShell, Python and subject matter expertise and knowledge of REST API and JSON batching and workflow automation

+ Experience in implementing projects in agile/SecDevOps models

+ Ability to thrive in a sense-of-urgency environment and leverage best practices

**Preferred**

**Experience**

+ Bachelor's degree or higher in Computer Science, Computer Engineering, Digital Forensics, Cybersecurity and/or related technical discipline.

**Experience**

+ Prior experience in workload migration to cloud, application re-factoring, cloud capacity management, cloud broker, vulnerability management

**License/Certification/Registration**

+ Technical certifications in any of the fields - Security technologies & tools, Development methodologies and frameworks, Cloud and Mobile applications

+ Industry recognized professional certifications - Security+, TOGAF, SANS, CISSP, CISM, CISA

**Need help finding the right job?**

We can recommend jobs specifically for you!

_Fairview Health Services (fairview.org) is an award-winning, nonprofit health system providing exceptional care across the full spectrum of health care services. Fairview is one of the most comprehensive and geographically accessible systems in the state, with 12 hospitals-including an academic medical center and long-term care hospital-serving the greater Twin Cities metro area and north-central Minnesota._

_Its broad continuum also includes 56 primary care clinics, specialty clinics, senior living communities, retail and specialty pharmacies, pharmacy benefit management services, rehabilitation centers, counseling and home health care services, medical transportation, an integrated provider network and health insurer PreferredOne. In partnership with the University of Minnesota, Fairview's 32,000 employees and 2,400 affiliated providers embrace innovation to drive a healthier future through healing, discovery and education._

**_Vaccination Update_**

_As part of our ongoing efforts to protect the wellbeing of our teams and to provide a safe and healthy environment for the patients and communities we serve, all Fairview employees will be required to receive both an annual flu vaccination and the COVID-19 vaccination series. Current employees must have completed both vaccination schedules on or before October 31, 2021.Beginning August 9, 2021, any new hires who are not fully vaccinated against COVID-19 are required to receive their first dose prior to their start date and their second dose (if receiving Moderna or Pfizer vaccines) within 4 weeks of their start date. Annual flu vaccinations are also required before the employment start date for employees who begin employment during the flu season.Accommodations requests will be reviewed on an individual basis._

_EEO/AA Employer/Vet/Disabled All qualified applicants will receive consideration without regard to any lawfully protected status._

**Job Locations** _US-MN-Minneapolis_

**Posted Date** _2 weeks ago_ _(10/5/2022 9:31 AM)_

**_Requisition ID_** _2022-101465_

**_Profession_** _Business Operations_

**_Speciality_** _Information Technology_

**_Department_** _Cyber Security_

**_Shift_** _day_

**_Hours per 2 weeks_** _80_

**_Location_** _Fairview offices at 323 Stinson_

Drop files here browse files ...