"Alerted.org

Why Mayo Clinic

Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans (https://jobs.mayoclinic.org/benefits/) – to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.

Benefits Highlights

+ Medical: Multiple plan options.

+ Dental: Delta Dental or reimbursement account for flexible coverage.

+ Vision: Affordable plan with national network.

+ Pre-Tax Savings: HSA and FSAs for eligible expenses.

+ Retirement: Competitive retirement package to secure your future.

Responsibilities

The Senior Information Security Analyst – Application Protection will support enterprise efforts to secure APIs and provide support for secure software development lifecycle (S-SDLC) initiatives and operations.

Responsibilities

+ Partner with Information Technology and development teams to ensure secure API design, implementation, and operation in alignment with organizational policies and standards.

+ Review and analyze API and application vulnerability data; identify trends, assess risk, and provide reporting to support remediation and risk reduction efforts.

+ Coordinate exception management workflows related to vulnerability and application protection policies to ensure effective remediation and accountability.

+ Contribute to the design and implementation of a robust, repeatable, and measurable secure development lifecycle process in collaboration with IT and Security stakeholders.

+ Support Application Security Posture Management (ASPM) through data analysis and reporting to improve application security visibility.

+ Support the creation and continuous improvement of governance, metrics, and documentation that promote secure development best practices.

This is a full-time, remote position within the United States.

This vacancy is not eligible for sponsorship/ we will not sponsor or transfer visas for this position. Also, Mayo Clinic DOES NOT participate in the F-1 STEM OPT extension program.

Qualifications

Master's degree in applicable field and 4 years' experience, or Bachelor’s degree in applicable field and 5 years’ experience. Pertinent fields of study and experience include (but is not limited to) the following: information security, operational analysis, process change, electronic systems implementation, leadership, systems analysis and project management with broad-based key enterprise initiatives. Must have one of the following certifications (or equivalent) at time of hire. In lieu of

certification at time of hire, candidate must pass the exam within three years and complete the certification process once years of service requirements of the certifying body have been met.

• CISSP

• CISM

• HCISPP

• GSEC

• OSCP

Preferred Qualifications:

Strong understanding of API security concepts, including specifications (e.g., REST, GraphQL, OpenAPI), architectures, and common vulnerabilities (e.g., OWASP API Security Top 10), preferred.

Experience using and interpreting results from application and API security tools such as SAST, DAST, SCA, or API gateways.

Familiarity with vulnerability management processes, including triage, prioritization, and remediation tracking.

Working knowledge of secure software development practices and CI/CD pipeline integration points.

Ability to analyze and correlate data from multiple security tools to identify trends, coverage gaps, and areas for improvement.

Proven ability to communicate technical risk findings clearly to both technical and non-technical audiences.

Experience collaborating with development and infrastructure teams to drive remediation and enhance security practices.

Familiarity with automation and reporting through tools such as ServiceNow or custom dashboards.

Exemption Status

Exempt

Compensation Detail

$113,776 - $164,985/ year

Benefits Eligible

Yes

Schedule

Full Time

Hours/Pay Period

80

Schedule Details

Monday - Friday, 8:00 - 5:00 pm

Weekend Schedule

As needed

International Assignment

No

Site Description

Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is. (https://jobs.mayoclinic.org/alllocations)

Equal Opportunity

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law" (https://www.eeoc.gov/poster) . Mayo Clinic participates in E-Verify (https://www.e-verify.gov/sites/default/files/everify/posters/EVerifyParticipationPoster.pdf) and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.

Recruiter

Ted Keefe

Equal opportunity

As an Affirmative Action and Equal Opportunity Employer Mayo Clinic is committed to creating an inclusive environment that values the diversity of its employees and does not discriminate against any employee or candidate. Women, minorities, veterans, people from the LGBTQ communities and people with disabilities are strongly encouraged to apply to join our teams. Reasonable accommodations to access job openings or to apply for a job are available.