Information Security Principal Engineer
Apply NowCompany: Becker Health
Location: Philadelphia, PA 19120
Description:
Position is primarily remote - however, there is potential to come onsite so local candidates highly preferred. Position has the option to extend beyond 6/30/25. Security certifications are preferred but not required.
Job Summary:
Demonstrates specialized & comprehensive knowledge in Information security management practices, disciplines, regulations, industry standards, related frameworks, project management principles, and methodologies, security engineering concepts, security operations model; industry standards around architecture principles.
Demonstrates exceptional skills in managing multiple projects and priorities in order to meet strategic goals and timelines.
Exhibits the ability to plan, manage and implement highly complex enterprise architecture and security implementations, enhancements or modifications that require in-depth knowledge across multiple technical areas and business segments.
Exhibits exceptional understanding of emerging regulatory and healthcare issues in order to develop internal and external checks and controls to ensure proper governance, security and quality of information assets.
Demonstrates exceptional troubleshooting and collaborative skills required to identify, analyze and resolve complicated security issues.
Demonstrates advanced proficiency in creating detailed documentation, perform budget planning and oversight, and providing input on CHOP infrastructure strategic planning, technology standards, and information security and risk practices.
Exhibits ability to communicate effectively with clients, colleagues, vendors, management and the ability to translate complex technical solutions into non-technical requirements documents.
Performs planning, development, implementation, and delivery of enterprise architecture and engineering principles for new, existing and future strategic and operational activities.
Demonstrates the ability to provide technical expertise and consultation to the CIO, CTO, CISO, executive leadership and other business and clinical leaders.
Job Functions:
Principal Information Security Specialist has similar responsibilities to Information Security Specialist III personnel. However, a Principal Information Security Specialist is deemed to be the subject matter expert and in-house advisor on complex problems and issues. A Principal Information Security Specialist also:
Works independently to initiate assignments and draws upon extensive professional knowledge and experience to make independent judgments regarding analysis, evaluation, development, and implementation of enterprise long-term solutions and operating initiatives to ensure that enterprise architectural objectives are aligned with organizational needs and strategic goals.
Optimizes information management approaches through an understanding of evolving business needs and technology capabilities and ensures that projects do not duplicate functionality or diverge from each other and business and DTS strategies.
Shapes, designs, and plans specific service lines in product area and manages the risks associated with information and DTS assets through appropriate standards and security policies.
Functions as the Subject Matter Expert (SME) to maintain an understanding of CHOP DTS business and clinical applications and the relationship to InfoSec and compliance solutions; assist Hospital stakeholders in understanding information protection needs that support the Hospital's business.
Job Functions (cont'd):
Works with other architects to provide a consensus based enterprise solution that is scalable, adaptable and in synchronization with ever changing business needs and takes ownership of a particular solution offering.
Works with highly matrixed team of DTS personnel to support enterprise architecture and information security operations including, but not limited to, architecture and InfoSec principles around identity & access management models, cloud identify management providers, security information and event monitoring, and data loss prevention, perimeter (e.g. firewalls, IPS, web filtering), cloud and virtualization environments and network security (host-based firewalls, anti-virus, disk encryption).
Support and/or lead activities around InfoSec standards for business continuity and change management activities (e.g., table tops and change review board) and educates DTS Hospital management on security issues (e.g., Identity and Access Management (IAM), Role Based Access Control (RBAC) models.
Top Skillsets Sought:
Technical, hands-on experience with information security project implementations.
Technical experience with security logging and security monitoring technology (i.e., security incident & event management technology, managed detection and response technology, etc.). Microsoft technology experience a plus.
Experience working with Managed Security Service Providers (MSSPs) and Cloud providers.
Experience with managing governance over security initiatives, such as security logging governance.
Able to work independently and draws upon extensive professional knowledge and experience to make independent judgement regarding analysis, evaluation, development and implementation of enterprise long-term solutions and operating initiatives.
Excellent communication and documentation skills a must.
Job Summary:
Demonstrates specialized & comprehensive knowledge in Information security management practices, disciplines, regulations, industry standards, related frameworks, project management principles, and methodologies, security engineering concepts, security operations model; industry standards around architecture principles.
Demonstrates exceptional skills in managing multiple projects and priorities in order to meet strategic goals and timelines.
Exhibits the ability to plan, manage and implement highly complex enterprise architecture and security implementations, enhancements or modifications that require in-depth knowledge across multiple technical areas and business segments.
Exhibits exceptional understanding of emerging regulatory and healthcare issues in order to develop internal and external checks and controls to ensure proper governance, security and quality of information assets.
Demonstrates exceptional troubleshooting and collaborative skills required to identify, analyze and resolve complicated security issues.
Demonstrates advanced proficiency in creating detailed documentation, perform budget planning and oversight, and providing input on CHOP infrastructure strategic planning, technology standards, and information security and risk practices.
Exhibits ability to communicate effectively with clients, colleagues, vendors, management and the ability to translate complex technical solutions into non-technical requirements documents.
Performs planning, development, implementation, and delivery of enterprise architecture and engineering principles for new, existing and future strategic and operational activities.
Demonstrates the ability to provide technical expertise and consultation to the CIO, CTO, CISO, executive leadership and other business and clinical leaders.
Job Functions:
Principal Information Security Specialist has similar responsibilities to Information Security Specialist III personnel. However, a Principal Information Security Specialist is deemed to be the subject matter expert and in-house advisor on complex problems and issues. A Principal Information Security Specialist also:
Works independently to initiate assignments and draws upon extensive professional knowledge and experience to make independent judgments regarding analysis, evaluation, development, and implementation of enterprise long-term solutions and operating initiatives to ensure that enterprise architectural objectives are aligned with organizational needs and strategic goals.
Optimizes information management approaches through an understanding of evolving business needs and technology capabilities and ensures that projects do not duplicate functionality or diverge from each other and business and DTS strategies.
Shapes, designs, and plans specific service lines in product area and manages the risks associated with information and DTS assets through appropriate standards and security policies.
Functions as the Subject Matter Expert (SME) to maintain an understanding of CHOP DTS business and clinical applications and the relationship to InfoSec and compliance solutions; assist Hospital stakeholders in understanding information protection needs that support the Hospital's business.
Job Functions (cont'd):
Works with other architects to provide a consensus based enterprise solution that is scalable, adaptable and in synchronization with ever changing business needs and takes ownership of a particular solution offering.
Works with highly matrixed team of DTS personnel to support enterprise architecture and information security operations including, but not limited to, architecture and InfoSec principles around identity & access management models, cloud identify management providers, security information and event monitoring, and data loss prevention, perimeter (e.g. firewalls, IPS, web filtering), cloud and virtualization environments and network security (host-based firewalls, anti-virus, disk encryption).
Support and/or lead activities around InfoSec standards for business continuity and change management activities (e.g., table tops and change review board) and educates DTS Hospital management on security issues (e.g., Identity and Access Management (IAM), Role Based Access Control (RBAC) models.
Top Skillsets Sought:
Technical, hands-on experience with information security project implementations.
Technical experience with security logging and security monitoring technology (i.e., security incident & event management technology, managed detection and response technology, etc.). Microsoft technology experience a plus.
Experience working with Managed Security Service Providers (MSSPs) and Cloud providers.
Experience with managing governance over security initiatives, such as security logging governance.
Able to work independently and draws upon extensive professional knowledge and experience to make independent judgement regarding analysis, evaluation, development and implementation of enterprise long-term solutions and operating initiatives.
Excellent communication and documentation skills a must.