Engineer - Information Security; Memphis, TN

Position: Engineer - Information Security (Memphis, TN)
#
**** At ALSAC you do more than make a living; you make a difference.****##
*** We like people who are different...because we’re different, too. As one of the world’s most iconic and respected nonprofits, we know what it’s like to stand out. That’s why we’re looking r background, perspective, and desire to make an impact set you apart. As we work to help St. Jude cure childhood cancer, we're calling on the game-changers, innovators and visionaries to join our family.

Not just for the kids of St. Jude, but also for you. Because at ALSAC, we develop and celebrate our employees. So, bring your whole, authentic self and become part of our shared mission:
Finding cures. Saving children.(R)***##

Job Description The
** Information Security Engineer
** is responsible for implementing, operating, monitoring, and continuously improving enterprise security solutions across cloud, on‐prem, and hybrid environments. This role focuses on
** hands‐on engineering and operational ownership**, ensuring security controls are effective, resilient, and aligned with architectural standards, best practices, and regulatory requirements.

As risks evolve, the Information Security Engineer proactively recommends and implements enhancements to keep pace with the modern threat landscape.

This role works closely with security leadership, architects, infrastructure teams, application development, the Security Operations Center (SOC), audit, and business stakeholders. The engineer plays a direct role in securing systems, applications, third‐party integrations, service providers, and business‐to‐business initiatives.

Success in this role is measured by
** outcomes**—improved detection capability, reduced risk exposure, operational stability, and the maturity of security tooling and processes.##

Key Responsibilities ### Security Engineering & Operations
* Implement, operate, monitor, and maintain enterprise security platforms, including hardware, software, customer applications, managed services, and vendor solutions.
* Own day‐to‐day operational support of security controls, ensuring availability, performance, and minimal business disruption.
* Research, validate, and deploy security solutions that meet both business and security requirements.
* Conduct performance and stress testing to identify limitations while supporting innovation and usability.### Secure Design & Project Delivery
* Participate in and lead security design discussions, ensuring solutions align with architecture standards and secure‐by‐design principles.
* Contribute to security projects that assess existing infrastructure, recommend improvements, and deliver enhancements on time, within budget, and in accordance with SLAs.
* Develop security test plans from architectural designs, identify gaps, and implement improvements prior to production impact.
* Actively participate in change management and change review processes.### Incident Response & Detection
* Support and participate in incident response activities, including investigation, containment, remediation, and post‐incident reviews.
* Drive improvements to detections, controls, and response playbooks based on real‐world incident learnings.
* Influence the planning and execution of incident response exercises and postmortems, creating measurable benchmarks to track maturity and progress.
* Participate in or support off‐hours response activities as required.### Risk, Compliance & Governance
* Implement technical controls aligned to regulatory and compliance requirements such as
** HIPAA, PCI, SOX, GLBA**, and applicable privacy laws.
* Translate compliance and risk requirements into enforceable, scalable security solutions.
* Partner with audit, risk, and compliance teams while maintaining a strong engineering and operational focus.### Collaboration & Continuous Improvement
* Work closely with architects, SOC analysts, incident responders, infrastructure teams, and application developers.
* Respond to service requests and escalation tickets within SLA expectations.
* Drive automation and efficiency to reduce manual effort and enable focus on higher‐value security initiatives.
* Perform other duties as assigned.## Hands‐On…