Job Information

Sanford Health IT Security Engineer - SOC | IT Security | SF in Sioux Falls, South Dakota

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We're proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.

See yourself at Sanford!

Facility: Stevens Center Building
Location: Sioux Falls, SD
Shift: Day
Job Schedule: Full time
Weekly Hours: 40.00

Job Summary

The IT Security Engineer - SOC will be part of the Security Operations Center and work closely with members of the team, as well as other teams, to execute Sanford’s security operations including log monitoring, incident response, vulnerability management, and reporting. You will also be responsible for the analysis and reporting of potential cyber threats as well as assist in deterring, identifying, monitoring, investigating, and analyzing security events. Responsibilities:

Analyze and respond to all relevant cyber security alerts, malware events, malicious event data and other information sources for suspicious network traffic, attack indicators, indicators of compromise and potential security breaches.

Perform investigations and analysis of events to identify and prevent internal and external threats to the environment.

Triage and escalate security alerts and incidents.

Ensure that relevant logs are being indexed into our SIEM and that they are accurate and usable.

Conduct vulnerability assessments to ensure that critical vulnerabilities are identified and work with system owners to ensure they are remediated.

Monitor, support, evaluate existing security controls, and make recommendations to enhance security.

Maintain awareness of the current threat landscape and recommend mitigations against threats.

Assist in threat modeling to identify top threats to organization.

Assist in creation and evolution of runbooks, policies, and procedures.

Develop working relationships and trust with other teams by acting in a consistent, genuine manner.



  • Security background with experience in one or more of the following areas: Monitoring and detection, Incident Response, Vulnerability Assessment and Management, Email Security, Endpoint Security, Authentication, and Penetration Testing.

  • Hands on experience working with an enterprise SIEM. LogRhythm experience preferred.

  • Experience in security of cloud technologies. AWS and O365 experience preferred.

  • Hands on experience

  • A strong understanding of the business impact of security tools, policies, and practices and how they improve security and impact end users.

  • A strong working knowledge of the information security standards and best practices including a working knowledge of industry regulations such as PCI and HIPPA are preferred.

  • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the technology solutions organization, project and application development teams, management, and business personnel.

  • Bachelor’s degree in information security or an IT related field. Advanced security training and knowledge is required.

  • Minimum of 3 years' experience working in information security or IT.

Sanford is an EEO/AA Employer M/F/Disability/Vet.

If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to .

Job Function: Information Technology
Req Number: R-28464
Featured: No