71 applicants

Company

Mayo Clinic · 4 hours ago

Senior Information Security Engineer (Remote)

55901

Full-time

Remote

Mid, Senior Level

$129K/yr - $186K/yr

Maximize your interview chances

BiotechnologyHealth Care

No H1B

Insider Connection @Mayo Clinic

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Work with business partners within the department to achieve organizational and OIS goals

Apply technical expertise in penetration testing, vulnerability research, red teaming, code auditing, and reverse engineering to perform in-depth security assessments of IT infrastructure (on-prem and cloud), medical devices, and various types of software (including web and mobile applications)

Identify, understand, and explain the root cause of technical security vulnerabilities and clearly report steps to reproduce a vulnerability

Develop and recommend technical strategies to mitigate or remediate identified vulnerabilities to asset owners

Regularly research and learn new TTPs in public and closed forums, and work with teammates to assess risk and implement and validate controls as necessary

Develop and maintain tools and scripts used in penetration-testing and red team processes

Support purple team exercises designed to build strength across the cybersecurity operations center, threat hunting, and red team

Train offensive and defensive colleagues on new TTPs and mentor junior teammates

Occasionally attend and participate in risk assessment or policy discussion meetings

Undertake complex projects requiring specialized technical knowledge

Perform other security-related duties or enhancements as assigned

Establish timelines and delivery of requirements.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information SecurityPenetration TestingVulnerability ResearchRed TeamingCode AuditingReverse EngineeringCloud SecurityIT InfrastructureTechnical StrategiesRisk AssessmentCybersecurity OperationsScriptingMentoring

Required

Solid understanding of information security, preferably with a strong computer science or engineering background and professional experience.

Hands-on experience with a variety of tools to emulate attacker tactics, techniques, and procedures (TTPs).

Understanding of applications, networking, and various operating systems along with tools and frameworks.

Results oriented and multi-disciplined.

Comfortable working with engineering staff, architecture staff, and management to discover vulnerabilities in existing services, infrastructure, and applications.

Ability to apply technical expertise in penetration testing, vulnerability research, red teaming, code auditing, and reverse engineering.

Ability to identify, understand, and explain the root cause of technical security vulnerabilities.

Ability to develop and recommend technical strategies to mitigate or remediate identified vulnerabilities.

Regularly research and learn new TTPs in public and closed forums.

Ability to develop and maintain tools and scripts used in penetration-testing and red team processes.

Support purple team exercises designed to build strength across the cybersecurity operations center, threat hunting, and red team.

Train offensive and defensive colleagues on new TTPs and mentor junior teammates.

Occasionally attend and participate in risk assessment or policy discussion meetings.

Undertake complex projects requiring specialized technical knowledge.

Establish timelines and delivery of requirements.