Security Engineer

CHS (Community Health Systems)   •  

Franklin, TN

Industry: Patient Care


5 - 7 years

Posted 268 days ago

This job is no longer available.


•Responsible for requirements gathering, designing, building, and deploying Identity Management solutions for core applications and operating systems

•Assist with application integration, external vendor management, security controls, and audit recommendations

•Integrate role-based access controls with enhancements including end-user provisioning, and synchronization

services with existing applications and systems

•Troubleshoot and design enterprise-wide group policy objects within a Microsoft Active Directory environment

•Responsible for hardening and troubleshootingWindows based solutions

•Review and create firewall rules and present for review to firewall Subject Matter Expert (SME)

•Provide operational support of certificate renewal and creation process, as directed by the team Certificate SME

•Perform security assessments to identify risks/opportunities to improve internal controls

•Provide technical support and consultation for enhancement of and change to enterprise security configurations

•Analyze and resolve customer problems by providing second level support to end-users regarding security related issues

•Assist in the documentation of security policies, procedures, standards and guidelines related to security

•Produce detailed documentation including data flow, logical, and physical diagrams as required

•Support more junior members of the IDM team in all endeavors


An undergraduatedegree in computer systems or related field is required; however, it can be substituted with a minimum of 4 years of experience in Information Security or related field. The following certifications are desired but not required, CISSP, GIAC, GSNA, or CISA.

Job Requirements

EXPERIENCE REQUIREMENTS:•Minimum 4 years’ experience in Information Security or related field in a medium to large enterprise, preferably in a multi-hospital and /or medical center setting•Ability to work independently as well as collaboratively with minimal professional and managerial supervision•Familiarity with the following Operating Systems/Applications (AS400, Novell, MS Windows, McKesson, Meditech, and Health Management Systems)•Must possess in-depth knowledge of Active Directory and LDAP technologies in Windows•Familiarity with programming/scripting languages such as .NET, C, VB and VB Script a plus•The candidate must have ability and willingness to work in a team environment with preferred experience in a large company or government agency supporting multiple applications and systems•Experience in supporting Healthcare environment helpful•Ability to utilize critical thinking skills to resolve issues from discovery to closure•Hands-on experience with 5 of the following: Security Information and Event Management, packet capture, end point monitoring, vulnerability scanning, firewall, antivirus & malware analysis, Intrusion Detection•Systems/Intrusion Prevention Systems, log correlation tools, Data Loss Prevention, Network Access Control,•Active Directory and application firewall solutions•Common Knowledge of TCPIP/UDP/ICMP•Knowledge of File Transfer Protocol (FTP)•Demonstrate ability to determine, execute and/or oversee remediation activities•Knowledge of the OSI Reference Model•Windows/Linux/Unix operating systems•Knowledge of Anti-Virus installation and configuration, including exclusion process•Working knowledge of networking components (routers switches, wireless access points, etc.)•Common knowledge of mail servers and web servers•Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings•Good technical writing, documentation, and communication skills are required
Desired but not required:•Familiar with HiTrust•Knowledge of Virtual Private Networking•Knowledge of automation and scripting of applications and systems•Knowledge of event log correlation•Familiarity with the following Operating Systems/Applications (AS400, Novell/NetIQ, MSWindows, Cerner, Meditech, Health Management Systems, etc.)