Senior Security Engineer

United Network for Organ Sharing
United States, Virginia, Richmond
Jan 31, 2025
About the Position Position Description This position is responsible for understanding the best practices and regulatory environment for IT security and privacy and how to practically implement those items. In addition, the candidate is responsible for verifying current security posture and working with system owners to remediate vulnerabilities, ensure regulatory and policy compliance. Key Responsibilities: * Security Requirements: Design and implement security measures for the protection of computer systems, networks and information. Identify, define and communicate information security requirements Prepare and document standard security procedures and processes as well as technology specific security baselines Consult and advise system owners on the best methods for meeting information security requirements and remediated identified vulnerabilities Define system policies for systems users * Security Engineering: Plan, design, build, integrate and maintain security infrastructure tools and systems Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks Lead response to security events and incidents as outlined in the UNOS Incident Response Guide Define network systems security requirements and specifications Lead the development and implementation of information security procedures Evaluate network system design and configuration for security Develop recommendations for systems security upgrades and improvements Evaluate the impact of security configuration on system design and performance Define application security standards and polices for users and developers Evaluate web application design and servers for security compliance Evaluate technology and usage trends for impact on security Develop recommendations for systems security upgrades and improvements Evaluate systems design and configuration for security Monitor, report, and remediate security vulnerabilities o Perform network security audits, analyze results and make recommendations for remediation o Mentor junior staff and offer guidance on information security practices and processes o Assist with maintaining the information security roadmap o Manage medium to large information security projects o Assist with government compliance reporting Minimum Requirements 5 years of technical experience working in the Information Security field required Critical Skills Hands-on experience implementing and administering information security systems. Ability to analyze systems based on business and technical user stories/requirements in order to design solutions that best meet the overall objectives of stakeholders Ability to strategically analyze and articulate risks, benefits and opportunities associated with a proposed design or solution. Demonstrated ability to design and implement complex security systems with the goal of meeting business and security objectives Demonstrated ability to design modifications to existing systems that improve security without compromising business objectives Ability to design complex information security systems that impact multiple domains across Service Operations and Software Engineering Ability to review and mentor the work of others in evaluating business objectives, detailing security user stories and generating technical specifications Champion information security throughout the organization Ability to estimate total costs of proposed solutions, including effort, acquisition costs and on-going costs Security Incident Response, Vulnerability Management, SIEM, IAM, PKI and/or Firewall design, implementation and management experience Experience working with NIST 800-53 Additional Skills & Qualifications Experience in the information technology field a plus Experience leading multiple large projects, leading definition, selection and implementation of security tools, technologies and processes Experience evaluating potential solutions, selecting and recommending the best solution Experience producing design documents that are used by others to effectively implement solutions Security certifications a plus (ISC2, ISACA, GIAC, EC-Council, Offensive Security, etc.) Education * 4-year Degree in Computer Science/Engineering or equivalent IT Information Security experience Physical Requirements * General office demands o Prolonged periods of sitting at a desk and working on a computer. o Frequent reaching, handling, and fine manipulation for using office equipment, filing, and managing paperwork. o Manual dexterity sufficient to operate a keyboard, mouse, and other office tools. o Occasional standing, walking, and bending. o Ability to lift up to 10-20 pounds occasionally. o Vision abilities required include close vision for computer work and reading documents. o Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. About Us The United Network for Organ Sharing (UNOS) coordinates the nation's organ transplant system, providing vital services to meet the needs of men, women and children awaiting lifesaving organ transplants. Based in Richmond, Va., UNOS is a private, nonprofit membership organization. UNOS members encompass every transplant hospital, tissue matching laboratory and organ procurement organization in the United States, as well as voluntary health and professional societies, ethicists, transplant patients and organ donor advocates. Top workplace in Richmond since 2014 UNOS is a great place to work! We have been named a Top Workplace in Richmond by the Richmond Times-Dispatch for 10 years in a row. Virginia Values Veterans Certified UNOS is V3-certified! V3- Certified companies work with the Department of Veterans Services and other strategic partners to support Virginia's Veterans. UNOS Benefits For information on UNOS, including more information on employee benefits, take a look at the UNOS Employee Benefits Summary. Authorization Must be authorized to work in the US. Sponsorship is not available for this position. Agency Statement No Agencies Please. UNOS provide equal employment opportunity for all applicants and employees. It will not unlawfully discriminate or permit harassment against any employee or applicant on the basis of race, ethnicity, color, religion, national origin, gender, age, disability, familial or marital status, military or veteran status, sexual orientation, gender identity and expression, genetic information, or any other characteristics or classification protected under applicable law ("protected categories"). This policy applies not only to hiring, but also to working conditions, benefits and privileges of employment, training, appointments for advancement, transfers, layoffs, recalls, terminations of employment and all other terms and conditions of employment. UNOS is also an affirmative action employer. It takes affirmative action to recruit and provide opportunities for advancement to qualified females and minorities, individuals with disabilities, special disabled veterans and other protected veterans. It hires and promotes based on job-related requirements and individual qualifications. Action is taken to ensure the fulfillment of this policy as to all phases of the employment process including hiring, placement, training, upgrading, transfers and/or demotions, recruiting, layoffs and termination of employment. UNOS invites individuals with disabilities and protected veterans to identify themselves, if they wish to do so. Such communication will be kept as confidential as possible and will be used only in accordance with the law. Candidates may contact the EEO/AA Officer at human.resources@unos.org to self-identify or request an accommodation. EEO is the Law \| EEO is the Law Supplement \| E-Verify Participation English/Spanish \| Right to Work \| Right to Work Spanish \| Pay Transparency