The Lead Information Security Engineer supports the InfoSec mission of securing the patient experience. This position oversees and manages engineering of information security applications and systems to ensure compliance with Children's National Hospital IT standards. Responsibilities for this role include design, deployment, and optimization of data pipelines feeding into Splunk and other logging and analysis platforms. This includes onboarding new data sources, parsing logs, maintaining data integrity, documentation, and optimizing infrastructure to handle enterprise-scale data volumes while ensuring alignment with security compliance requirements.
Essential Functions:
Integrate platforms with SIEM and SOAR for enrichment, correlation, and case workflow. Maintain posture metrics and report them to partner teams, Security leadership, and the CISO on a defined cadence.
Own operational reliability, configuration, upgrades, integration health, and change governance for assigned applications and systems, with documented runbooks.
Serve as a technical lead for vendor communication and tasks related to data ingestion. Manage support escalations and track case resolution.
Partner with internal teams to determine security platform needs, translating their requirements into sustainable technical capability.
Manage and optimize resources for highest capable performance and security based on CNH compliance requirements.
Build dashboards, reports, and other documentation, providing leadership with clear insight into resources and current system state.
Minimum Education
Bachelor's degree in computer science, math, engineering, or another relevant discipline, or equivalent training and work experience (Required)
Minimum Work Experience
10+ years of experience in cybersecurity with a focus on engineering and implementation of cybersecurity controls, systems, and applications (Required)
Required Skills/Knowledge
Experience leading in the application of key cybersecurity practices, controls, and frameworks
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
Experience leading the implementation of cybersecurity applications and systems including network devices, firewalls, asset management tools, access management systems, and Active Directory
Experience leading in the application of systems engineering principles including requirements definition, system design, test planning and documentation, integration, and functional and operational testing
Experience leading engineering practices related to performing operational tradeoffs in performance, functionality, cost, and efficiency
Experience leading test measurement and analysis of cybersecurity and IT systems
Functional Accountabilities
Cybersecurity Engineering
Leads efforts involving the identification of cybersecurity system performance
Oversees the operation, monitoring, and analysis of cybersecurity applications and systems
Leads the testing and deployment of cybersecurity systems including firewalls, network analysis tools, access management systems, and vulnerability management applications
Leads response actions necessary to recover from system failures
Leads the curation of key reporting metrics associated with cybersecurity systems.
Organizational Accountabilities
Organizational Accountabilities (Staff)
Organizational Commitment/Identification
Anticipate and respond to customer needs; follow up until needs are met
Teamwork/Communication
Demonstrate collaborative and respectful behavior
Partner with all team members to achieve goals
Receptive to others’ ideas and opinions
Performance Improvement/Problem-solving
Contribute to a positive work environment
Demonstrate flexibility and willingness to change
Identify opportunities to improve clinical and administrative processes
Make appropriate decisions, using sound judgment
Cost Management/Financial Responsibility
Use resources efficiently
Search for less costly ways of doing things
Safety
Speak up when team members appear to exhibit unsafe behavior or performance
Continuously validate and verify information needed for decision making or documentation
Stop in the face of uncertainty and take time to resolve the situation
Demonstrate accurate, clear and timely verbal and written communication
Actively promote safety for patients, families, visitors and co-workers
Attend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance