Job Information

Sanford Health IT Security Engineer - SOC in Sioux Falls, South Dakota

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We're proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.

Create Your Career With Us!

Facility: Stevens Center Building
Location: Sioux Falls, SD
Address: 900 East 54th St N, Sioux Falls, SD 57104, USA
Shift: Day
Job Schedule: Full time
Weekly Hours: 40.00

Job Summary

The IT Security Engineer - SOC will be part of the Security Operations Center and work closely with members of the team, as well as other teams, to execute Sanford’s security operations including log monitoring, incident response, vulnerability management, and reporting. You will also be responsible for the analysis and reporting of potential cyber threats and will assist in deterring, identifying, monitoring, investigating, and analyzing security events.

Responsibilities

Analyze and respond to all relevant cyber security alerts, malware events, malicious event data and other information sources for suspicious network traffic, attack indicators, indicators of compromise and potential security breaches.

Perform investigations and analysis of events to identify and prevent internal and external threats to the environment.

Triage and escalate security alerts and incidents.

Ensure that relevant logs are being indexed into our SIEM and that they are accurate and usable.

Conduct vulnerability assessments to ensure that critical vulnerabilities are identified and work with system owners to ensure they are remediated.

Monitor, support, and evaluate existing security controls, and make recommendations to enhance security.

Maintain awareness of the current threat landscape and recommend mitigations against threats.

Assist in threat modeling to identify top threats to the organization.

Assist in creation and evolution of runbooks, policies, and procedures.

Develop working relationships and trust with other teams by acting in a consistent, genuine manner.


Bachelor’s degree in information security or an IT related field. Advanced security training and knowledge is required.

Security background with experience in one or more of the following areas: Monitoring and detection, Incident Response, Vulnerability Assessment and Management, Email Security, Endpoint Security, Authentication, and Penetration Testing.

Hands-on experience working with an enterprise SIEM desired.

Experience in security of cloud technologies. AWS and O365 experience preferred.

A strong understanding of the business impact of security tools, policies, and practices and how they improve security and impact end users.

A strong working knowledge of information security standards and best practices, including a working knowledge of industry regulations such as PCI and HIPAA, is preferred.

Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the technology solutions organization, project and application development teams, management, and business personnel.


Sanford Health offers an attractive benefits package for qualifying full-time and part-time employees. Depending on eligibility, a variety of benefits include health insurance, dental insurance, vision insurance, life insurance, a 401(k) retirement plan, work/life balance benefits, sick leave and paid time off. To review your benefit eligibility, visit .

Sanford is an EEO/AA Employer M/F/Disability/Vet. If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to .

Sanford Health has a Drug Free Workplace Policy. An accepted offer will require a drug screen and pre-employment background screening as a condition of employment.

Job Function: Information Technology
Req Number: R-53624
Featured: No