"Alerted.org

Careers With Purpose

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We're proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.

**Facility:** 3801 Building

**Location:** Bemidji, MN

**Address:** 3801 Bemidji Ave N, Bemidji, MN 56601, USA

**Shift:** Day

**Job Schedule:** Full time

**Weekly Hours:** 40.00

**Salary Range:** $46.00 - $76.00

**Pay Info:** Pay starts at $46 and increases according to years of applicable experience.

Department Details

The Lead Information Security Operations Engineer – Vulnerability Management is a technical and strategic leader responsible for overseeing the enterprise vulnerability management program. This role provides subject matter expertise, drives continuous improvement in the identification and mitigation of security vulnerabilities, and serves as a key liaison between security, infrastructure, application, and business teams. The ideal candidate is hands-on, detail-oriented, and experienced in designing, implementing, and optimizing vulnerability management strategies across complex hybrid environments.

Key Responsibilities:

* Lead the design, implementation, and optimization of the enterprise vulnerability management program.

* Own the vulnerability lifecycle: scanning, risk analysis, prioritization, remediation tracking, reporting, and communication.

* Direct and mentor team members on vulnerability management operations, threat analysis, and remediation strategies.

* Coordinate cross-functional response to critical and high-risk vulnerabilities in collaboration with IT and business units.

* Develop and refine metrics, KPIs, and executive-level dashboards that measure the health and effectiveness of the program.

Job Summary

Responsible for leading and coordinating the day-to-day operations of enterprise cybersecurity activities focusing on the processes and tools that support Security Vulnerability Management threat prevention, threat hunting, vulnerability assessments, and incident response. Acts independently to assign tasks to team members and provide direction to minimize identified threats and risks to the organization through collaboration with other Information Security and Sanford technological groups. Perform and coordinate, with other team members, real-time and forensic log and EDR monitoring and analysis to provide network, data, and asset security for Sanford Health. Complete, configure, and tune vulnerability assessments and report results to application and asset owners. Provide consulting services to owners relating to response activities. Perform, lead, and coordinate on Incident Response activities including the collection, preservation, and interpretation of digital evidence.

Build, administer, and support the IS Security Vulnerability Management tools, processes, and services. Identify and complete improvements and metrics to Security Vulnerability Management processes and services. Manage the IS Security Vulnerability Management ticket queue. Prioritize and complete tickets according to impact to Sanford Health business functions. Provide security consulting services to other Sanford Health groups.

Mentor other Security Vulnerability Management team members on tools, processes, and Sanford Health areas. Coordinate and participate in activities with other IT Security groups by providing aid and consulting when needed. Acts independently to determine methods and procedures on new assignments. Regularly presented with new assignments and projects that require the application of independent judgement/interpretation of policies/practices. Regularly checks the work of other team members.

The ability to understand complex technical concepts while simultaneously interacting with non-technical users. The ability to interact with Sanford personnel, build strong relationships across business units and organizations, and understand business imperatives. A strong understanding of the business impact of security tools, technologies, policies, and practices. Assist VMT Manager with the following: Sanford Health policies are followed by the VMT team (e.g., timecards are submitted on time, etc.). Prioritize work to all team members. Assign team members to projects based on experience, workload, and growth opportunities. Ensure deadlines for projects are met.

Qualifications

Bachelor’s degree required, in lieu of education, leadership may consider an Associates degree plus 3 years of applicable experience in computer science, cyber security or an information technology related field.

Minimum of five years' experience working in Cyber Security required. Advanced security training is desired. Strong working knowledge of the information security standards and procedures including HIPAA and PCI.

Security Certifications are desired.

Benefits

Sanford Health offers an attractive benefits package for qualifying full-time and part-time employees. Depending on eligibility, a variety of benefits include health insurance, dental insurance, vision insurance, life insurance, a 401(k) retirement plan, work/life balance benefits, and a generous time off package to maintain a healthy home-work balance. For more information about Total Rewards, visit https://sanfordcareers.com/benefits .

Sanford is an EEO/AA Employer M/F/Disability/Vet. If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to [email protected] .

Sanford Health has a Drug Free Workplace Policy. An accepted offer will require a drug screen and pre-employment background screening as a condition of employment.

**Req Number:** R-0222109

**Job Function:** Information Technology

**Featured:** No