Lead Information Security Engineer

The Lead Information Security Engineer supports the InfoSec mission of securing the patient experience. This position oversees and manages the engineering and architecture of information security applications and systems to ensure compliance with Children's National Hospital IT standards. Individuals in this position will oversee the configuration, testing, monitoring, and troubleshooting of such systems to validate performance and functional requirements.

This position will also require the Lead Information Security Engineer to interface with various departments throughout Children's National Hospital and communicate at a level that the business can understand, explaining the CNH Security Posture and its significance. The Lead Information Security Engineer will be comfortable authoring documents and providing training on security architecture across the enterprise.

The ideal candidate will have extensive experience designing, deploying, and interacting with various Hospital departments, and supporting Palo Alto and Cisco firewalls and features at an enterprise, multicampus level. The candidate will possess the skills to discuss and present documented technical concepts and architecture with business stakeholders, evaluate enterprise technologies considering security and risk implications, and explain mitigating strategies.

Minimum Education

• Bachelor's Degree Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required)

Minimum Work Experience

• 10 years 10 years of experience in cybersecurity with a focus on engineering and implementation of cybersecurity controls, systems, and applications (Required)

Required Skills/Knowledge

• Experience leading in the application of key cybersecurity practices, controls, and frameworks

• Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences

• Experience leading the implementation of Cybersecurity applications and systems including network devices, firewalls, asset management tools, access management systems, and active directory

• Experience leading in the application of systems engineering principles including requirements definition, system design, test planning and documentation, integration, and functional and operational testing

• Experience leading engineering practices related to performing operational tradeoffs in performance, functionality, cost, and efficiency

• Experience leading performing test measurement and analysis of cybersecurity and IT systems

Functional Accountabilities

Cybersecurity Engineering

• Leads efforts involving the identification of cybersecurity system performance

• Oversees the operation, monitoring, and analysis of cybersecurity applications and systems

• Leads the testing and deployment of cybersecurity systems including firewalls, network analysis tools, access management systems, and vulnerability management applications

• Leads response actions necessary to recover from system failures

• Leads the curation of key reporting metrics associated with cybersecurity systems.

Organizational Accountabilities

Organizational Accountabilities (Staff)

Organizational Commitment/Identification

• Anticipate and responds to customer needs; follows up until needs are met

Teamwork/Communication

• Demonstrate collaborative and respectful behavior

• Partner with all team members to achieve goals

• Receptive to others' ideas and opinions

Performance Improvement/Problem-solving

• Contribute to a positive work environment

• Demonstrate flexibility and willingness to change

• Identify opportunities to improve clinical and administrative processes

• Make appropriate decisions, using sound judgment

Cost Management/Financial Responsibility

• Use resources efficiently

• Search for less costly ways of doing things

Safety

• Speak up when team members appear to exhibit unsafe behavior or performance

• Continuously validate and verify information needed for decision making or documentation

• Stop in the face of uncertainty and takes time to resolve the situation

• Demonstrate accurate, clear and timely verbal and written communication

• Actively promote safety for patients, families, visitors and co-workers

• Attend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance