IT Security Engineer


I certify that all the information submitted by me is true and complete, and I understand that if any false information, omissions, or misrepresentations are discovered, my candidacy may be rejected and, if I am employed, my employment may be terminated at any time. I authorize the American Academy of Orthopaedic Surgeons (AAOS) to conduct employment reference checks. I understand that I may request that AAOS share with me the nature and substance, but not the source of the information so provided.


You are known for your complex problem-solving abilities and creative mind. You lead with credibility and independence, empowering teams to meet business and IT security goals. You have rock-solid integrity and confidentiality, cultivate an environment of trust on behalf of patients, healthcare providers, employees and administrators, and nurture a culture of compliance by leveraging your in-depth knowledge of HIPAA/HITECH, PCI, GDPR and other regulatory and legal standards. You have risk and compliance control experience and hands-on experience with the security and architecture of infrastructure systems.

If this sounds like you, read on!

The IT Security Engineer leads data security standards, driving the security strategy and implementations that safeguard the organization’s protected health and other confidential or sensitive information from security threats and cyber-hacking. This role is responsible for operational compliance with HIPAA/HITECH, PCI, GDPR, and similar standards and regulations. This position serves as a trusted advisor to the Director, CIO, and the Academy senior management team to establish information security standards, recommendations, and controls as an integrated part of strategic growth planning and ongoing process improvement.

Devise strategies and implement IT solutions to minimize the risk of cyber-attacks. Coordinate external audits and IT security risk assessments and provide recommendations to minimize threats. Maintain compliance with the latest HIPAA/HITECH, PCI, and GDPR regulations and requirements by adhering to industry-standard cyber-security frameworks. Track the latest IT security innovations and keep abreast of cyber threats and security technologies. Communicate with key stakeholders about IT security threats.

Develop and maintain data security and privacy policies and procedures related to the proper handling and use of confidential information across the organization. Ensure that business processes incorporate the proper audit controls that demonstrate compliance with policy.

Coordinate regular training and education of Academy staff in information security methods and controls to maintain compliance. Champion and educate the organization about the latest security strategies and technologies.

Respond to security assessment questionnaires from stakeholder institutions. Implement an effective process for the reporting of security incidents. Oversee the investigation of reported security breaches and develop strategies to handle security incidents and trigger investigations. Manage vendor relationships with security experts and advisors.

Conduct a continuous assessment of current IT security practices and systems and identify areas for improvement. Deliver new security technology approaches and the implementation of next generation solutions. Provide leadership to the technology team and developing staff.

Ensure that proper monitoring of security vulnerabilities and hacking threats in computers, networks, cloud, and hosted systems is in place. Provide leadership to ensure business continuity in the event a security breach occurs, or a disaster recovery plan is triggered.


10 to 15 days per year



  • Leadership skills – capable of empowering and leading teams to meet business and IT security goals
  • Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies
  • Excellent communication skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
  • Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
  • Ability to develop and carry out information security plans and policies
  • Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
  • Multi-tasking – can manage several concurrent projects and prioritize demands
  • Bachelor’s degree is required in computer science or similar.
  • Information security certification required or currently pursuing with a specific date for certification.
  • Provide awareness training of the workforce on information security standards, policies and best practices
  • Manage and lead security incident response efforts
  • Monitor networks and systems for security breaches, utilizing technology that detects intrusions and anomalous system behavior
  • Must possess a strong working knowledge and understanding of business processes and the systems that support them
  • Must possess excellent analytical and planning skills
  • Must possess excellent written and verbal communication skills as well as demonstrated presentation, organizational, facilitation, and problem-solving skills
  • A minimum of 5 years IT security experience or proven comparable recent information security experience in a leadership role
  • Azure and cloud platform as a service (PaaS, IaaS, and SaaS) security
  • Endpoint security solutions, including file integrity monitoring and data loss prevention
  • Planning, researching and developing security policies, standards and procedures
  • Knowledge of risk assessment tools, technologies and methods
  • Expertise in anti-virus software, IDS/IPS, firewalls, SIEM, and content filtering
  • Expertise in designing secure networks, systems and application architectures
  • Demonstrated knowledge of the latest IT thinking and threat modelling methods together with a creative drive
  • Change management and business process experience is ideal together with a proven track record of driving large-scale change programs
  • A proven record of dealing with complex projects and meeting conflicting demands

If this describes YOU, please share the following:  

-Clearly communicate why you are the ideal candidate for this role, providing specific examples and experiences as proof points.

-Attach your resume, cover letter and any additional materials that support your application.


Location: Rosemont, IL
Job code: HR/ISE