UChicago Medicine

We’ve been at the forefront of medicine since 1899. We provide superior healthcare with compassion, always mindful that each patient is a person, an individual. To accomplish this, we need employees with passion, talent and commitment… with patients and with each other. We’re in this together: working to advance medical innovation, serve the health needs of the community, and move our collective knowledge forward. If you’d like to add enriching human life to your profile, UChicago Medicine is for you. Here at the forefront, we’re doing work that really matters. Join us. Bring your passion.

Information Security Engineer – Security Automation and Response

Location

United States

Posted

1 day ago

Salary

$98.3K - $114.7K / year

Seniority

Mid Level

Job Description

Information Security Engineer – Security Automation and Response

UChicago Medicine

Role Description Join one of the nation’s most comprehensive academic medical centers, UChicago Medicine as an Information Security Engineer – Security Automation and Response for the Information Security department. This is a remote, work from home opportunity, and you may be based outside of the greater Chicagoland area. Under general direction of the Information Security Operations Manager, you will be responsible for: - Implementing, deploying, and optimizing Automation using SOAR playbook development, Logging, AI driven workflows. - Streamlining incident response and improving SOC operational efficiency. - Participating in threat investigation and incident response. Essential Job Functions include: - Developing, implementing, and maintaining SOAR playbooks to automate repetitive security tasks, such as alert triage, threat investigation, and incident response, using tools like SOAR, Python, and API integrations. - Knowledge of threat detection development, automation of SOAR development, and Incident Response. - Supporting initiatives with the Information Security Operations Manager to advance Security Operations capabilities using AI. - Investigating malware, intrusions, unauthorized access, and data infiltration and exfiltration events. - Analyzing logs, memory, disk images, and network captures to determine attack scope and impact. - Staying informed on cyber threats and standard processes to enhance Security Operations Center capabilities. - Excellent knowledge of security information and event management (SIEM) platforms including query language (Yara-L, CQL, SPL, etc.). - Participating in Purple Team activity. - Participating in on-call rotation and responding to critical security events. Qualifications - BS or BA degree, Computer Science, Engineering, or equivalent education, training or work experience. - 5 years of Security experience, or equivalent training and education. - Knowledge of computing systems, data network communications, and network architecture. - Effective written and verbal communication skills. - Experience in SOAR playbook development. - Scripting or programming skills (Python, PowerShell, Go, etc.) required. - Experience in Incident Response and Threat investigation. - Experience in Threat detection. - Understanding of logging systems. - Security related certifications are preferred (GIAC, CISSP). Requirements - Full Time (1.0 FTE). - Day Shift. - Remote Location. - Non-Union CBA Code. Benefits UChicago Medicine is committed to transparency in compensation and benefits. The pay range provided reflects the anticipated wage or salary reasonably expected to be offered for the position. - The pay range is based on a full-time equivalent (1.0 FTE) and is reflective of current market data, reviewed on an annual basis. - Compensation offered at the time of hire will vary based on candidate qualifications and experience and organizational considerations, such as internal equity. - Pay ranges for employees subject to Collective Bargaining Agreements are negotiated by the medical center and their respective union.

Related Categories

Related Job Pages

More Security Engineer Jobs

Senior Network Security Engineer

UnitedHealth Group

UnitedHealth Group is a healthcare and well-being company that’s dedicated to improving the health outcomes of millions around the world. We are comprised of

Role Description The Senior Information Security Engineer plays a critical role in protecting enterprise network infrastructure by designing, implementing, and operating Palo Alto Networks firewall solutions. This position supports regulatory compliance, incident response, and continuous security improvement while partnering closely with cross‑functional teams during high‑severity incidents and acquired‑entity integrations. The role leverages automation and AI‑assisted tools to improve operational efficiency, enhance monitoring capabilities, and ensure a resilient and scalable security posture aligned with business growth. - Design, implement, and manage Palo Alto Networks firewall solutions to protect enterprise network environments. - Configure and maintain firewall policies, threat prevention profiles, and security controls in alignment with organizational standards and compliance requirements. - Lead acquired entity security integration initiatives, focusing on the seamless onboarding of new environments into the enterprise network and security architecture. - Manage end to end Palo Alto Networks security integrations for acquired entities, from initial discovery and gap assessment through design, implementation, and steady state operations. - Communicate clearly and effectively during high pressure situations to identify root causes, assess impact, and drive timely resolution. - Perform detailed analysis of firewall logs, traffic flows, and alerts to support investigations and operational diagnostics. - Leverage AI assisted with tools such as GitHub Copilot and Microsoft Copilot to increase development speed, accuracy, and overall productivity. - Contribute to documentation, knowledge sharing, and operational runbooks to support consistent and repeatable security operations. - Follow established change management, incident handling, and security processes while continuously enhancing technical expertise in network security technologies. Qualifications - Bachelor’s degree in information security, Computer Science, OR 4 years of network security engineering experience. - 8+ years of experience in information security, network security, or cloud security roles. - 3+ years of experience with Palo Alto Networks firewalls. - 5+ years of strong working knowledge of network security concepts, policies, compliance, including firewalls, proxies, secure access, and policy risk enforcement. - 8+ years of strong background in security operations, incident management, and root cause analysis. - Ability to support call rotations, after hours support and respond to high severity security incidents when required. Requirements - Master’s degree or relevant security certifications (e.g., CISSP, CISM, PCNSE, CCSP). - Experience with Zero Trust architecture and cloud first security platforms. - Experience working security operations across multiple regions or markets. - Familiarity with vendor management, capacity planning, or service optimization. - Experience with automation, scripting, and API based integrations. - PCNSE certification is strongly preferred. Benefits - Comprehensive benefits package. - Incentive and recognition programs. - Equity stock purchase. - 401k contribution (all benefits are subject to eligibility requirements).

United States
$91.7K - $163.7K / year

Senior Security Engineer

Function Health

Function Health provides lab testing services to aid in the early detection of thousands of diseases. Focused on empowering patients to take charge of their hea

Role Description We’re looking for a pragmatic Security Engineer with a strong focus on Identity and Access Management (IAM) to join our lean, fast-paced Security Operations team. In this hands-on role, you will lead the design and management of critical IAM systems protecting our clients’ health data—the foundation of our business. With nearly 1 million users and growing rapidly, you will be leading efforts for Okta and ConductorOne, responsible for: - Application integrations - Enabling provisioning - Building out our Okta organizational structure - Enforcing security policies around user access Beyond IAM, there’s room to expand into security operations, IT automation, and compliance as our team grows. This is a unique opportunity to own one of the strongest security controls in the company and directly reduce organizational risk at scale. Key Responsibilities - Administer and optimize Okta, including: - Integrating new applications for SSO - Implementing and enhancing provisioning and revocation workflows - Building and maintaining Okta organizational structure and role mappings - Administer ConductorOne to: - Integrate it with all relevant applications - Conduct User Access Reviews (UARs) - Enforce time-based access controls - Enable and improve automated provisioning and revocation - Collaborate with cross-functional teams to ensure secure onboarding/offboarding and least privilege enforcement - Support ongoing IAM policy development, documentation, and audit readiness - Monitor and respond to IAM-related alerts and incidents, escalating as needed - Identify opportunities to automate IAM workflows and enhance security operations - Participate in broader security initiatives including vulnerability management, IT automation, and compliance support Qualifications - 3–5 years of hands-on experience administering IAM platforms, ideally Okta and/or ConductorOne - Strong knowledge of SSO protocols (SAML, OIDC), provisioning standards (SCIM), and IAM best practices - Experience integrating multiple SaaS applications into centralized IAM systems - Familiarity with user lifecycle management, role-based access control (RBAC), and access review processes - Solid understanding of cloud infrastructure identity models (GCP preferred) and security operations fundamentals - Experience using Terraform for infrastructure as code, particularly for managing IAM resources and integrations - Comfortable working independently in a fast-moving environment with minimal supervision - Strong organizational skills and a detail-oriented mindset Core Values - Ruthless Prioritization: We don’t let perfect get in the way of progress. We move quickly to drive value, not perfection. We prioritize what drives impact. We never compromise on standards of excellence. - Member-First, Always: We design and deliver like we’re caring for someone we love. We create calendar, actionable, human experience. We prioritize responsiveness, peace of mind, and outcomes. We empower members with truth, clarity, and care. - One Team, Moving Fast: We are aligned in purpose, prioritization, and speed. We gather diverse perspectives to make informed decisions. We clear paths for each other and move fast together. We communicate clearly and respectfully, rallying around shared goals. - Radical Ownership, Relentless Execution: We don’t just ship– we own outcomes and drive results. We act with urgency and precision. We anticipate, initiate, and follow through. We meet challenges with grit and pragmatism. We embrace new tech to deliver better outcomes. - Mission Over Ego: We are ruthlessly aligned to our mission - and leave ego at the door. We disagree and commit. We don't tolerate politics or withholding information. We operate with honesty, transparency, and respect. - Sustained Integrity in Every Detail: We earn trust by obsessing over accuracy, quality, and clarity in everything we do. We prioritize clinical precision - data must be right. We sweat the details because outcomes depend on them. Benefits - Competitive salary and benefits package - Flexible working hours - Dynamic work environment where creativity and innovation are encouraged Important Notice Legitimate communication from the Function Health team will always come from an email address ending in @functionhealth.com. Function Health will never request personal information such as banking details or payment during the hiring process. Please be cautious of communications or job offers that come from other email domains, instant messaging platforms, or unsolicited calls. If you ever have doubts about the legitimacy of a communication, please reach out to us directly at talent@functionhealth.com.

United States
GuidePoint Security logo

Security Consultant – Threat & Attack Simulation

GuidePoint Security

We help organizations make smarter cybersecurity decisions that minimize risk.

Full TimeRemoteTeam 201-500H1B Sponsor

• Deliver Threat & Attack Simulation's professional services, including but not limited to Vulnerability Assessments, Internal and External Penetration Tests, Wireless Security Assessments, Onsite and Remote Social Engineering, and a variety of custom assessments • Author comprehensive assessment deliverables that are proficiently tailored to both technical and managerial audiences and fully detail the technical execution, core deficiencies, business impact, and realistic remediation strategies • Utilize automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet the rapidly changing needs of our clients • Contribute to marketing initiatives via activities such as publishing research, speaking at industry conferences, authoring blog articles and whitepapers, hosting webinars, and developing security tools • Assist with Practice development, including improving existing offerings • Perpetually strengthen relevant skills, knowledge, and abilities to stay at the forefront of the information security industry. • Foster client relationships by providing support, information, and guidance • Configure, operate, and manage a Breach and Attack Simulation (BAS) or continuous penetration testing platform and report results to relevant stakeholders promptly • Maintain a strong desire to learn, adapt, and improve along with a rapidly-growing company • Perform other duties as assigned

United States
Full TimeRemoteTeam 51-200

Role Description The IT IAM Engineer acts as a business enabler, proactively identifying and building solutions that help the company scale securely. The role owns the day-to-day administration of Lumistry's identity, access, and endpoint infrastructure and serves as the technical escalation point above our managed service provider for IT support. This is a role for someone who is comfortable working autonomously and taking ownership of their work, with support from the team. We are looking for a candidate who enjoys pragmatic optimization: automate the repetitive work and remediate what matters. The role reports to the Senior Director of IT & Information Security. - Administer the corporate identity provider: SSO configuration, application integrations, directory hygiene, and authentication policy - Build and maintain SCIM provisioning and deprovisioning so that joining, moving, and leaving the company drives access automatically from the HR system of record - Develop zero-touch employee lifecycle from initial provisioning through teardown in disparate systems. - Design and operate privilege escalation workflows so elevated access is requested, approved, time-bound, and logged rather than standing - Manage the lifecycle of service, shared, and machine accounts, including ownership assignment, credential vaulting, and rotation - Administer the productivity and collaboration suites (Google Workspace, Microsoft 365), including organizational units, delegation, security settings, and license hygiene - Execute identity consolidation across legacy product domains, working toward a single directory of record - Manage business request intake and routing so that requests for access, software, and purchases are approved by the appropriate owners before fulfillment - Conduct recurring user-access reviews and SSO hygiene checks across the SaaS application estate, producing audit-ready evidence - Manage software and hardware assets, including inventory tracking, procurement support, and administration of the macOS and Windows fleet through MDM - Maintain endpoint security by enforcing patching, triaging endpoint security alerts and vulnerabilities, and driving remediation to completion - Serve as the escalation point for the outsourced helpdesk, resolving escalated tickets and identifying opportunities to automate recurring requests - Automate repetitive tasks by integrating and scripting across the IT and security toolchain to scale the team's impact as the company grows - Support SOC 2 and enterprise customer security reviews with access evidence, controls, and documentation - Other duties as assigned Qualifications - 5+ years of hands-on IT or identity experience in a production environment - Direct experience configuring an identity provider and SSO integrations (SAML/OIDC) - Experience building SCIM provisioning and deprovisioning against a real application estate - Experience with Mobile Device Management for macOS and Windows - Practical scripting ability (Python, PowerShell, or similar) and comfort working with application and directory APIs - Detail and process-oriented mindset with the willingness to be a generalist and dig into things you have not done before - Excellent written communication and an inclination to document your work - Ability to operate semi-autonomously, sorting immediate priorities out of the shifting needs of a growing company Preferred - Experience in a regulated space such as SOC 2, HIPAA, or PCI compliance environments - Experience with identity workflow and automation platforms - Experience consolidating identity across acquired or legacy products - Experience coordinating with a managed service provider - Prior experience at a SaaS company or startup - Experience in secure systems for healthcare or financial industries Compensation The salary range for this role is $100,000-120,000, commensurate with experience. Work Location This is a remote position for candidates based out of the U.S. Applicants must currently reside in and be legally authorized to work in the United States. We are currently unable to provide visa sponsorship or relocation assistance for this role. Diversity & Inclusion at Lumistry Lumistry is an equal opportunity employer dedicated to an inclusive workplace. We prohibit discrimination and harassment based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, pregnancy, or any other characteristic protected by law. This commitment applies to all aspects of employment, from recruiting and hiring to compensation and promotion. Our decisions are based solely on qualifications, merit, and current business needs. Accessibility We provide reasonable accommodations for qualified individuals with disabilities during the application and interview process. If you require assistance, please don't hesitate to reach out.

United States
$100K - $120K / year