The Security Engineer is responsible for providing technical assistance in developing, implementing and supporting technology applications to ensure they are deployed and operated securely.
Design, implement and maintain complex security technologies and projects that support the underlying security policies and procedures.
Design, document and implement appropriate solutions to supportsecurity policies and standards that protect information assets. Provide input to the creation of new and updates to existing policies, standards and practices.
Operational duties include security technology management, boundary and network defense, endpoint defense, supporting information security incident response, and vulnerability and threat remediation.
Maintain skillset on security and vulnerability trends. Remediate systems based on supplied threat intelligence information.
Ensure that new and existing solutions are installed and maintained to meet security requirements.
Assist remediation based on audits or reviews of internal and vendor securityprocesses, procedures and compliance controls.
Serve as a security resource on application development, database design, network and/or platform (operating system) projects, helping project teams comply with enterprise and Technologysecurity procedures and capabilities.
Design, test, implement, maintain and support current and future complex information security technologies, processes and procedures. Assist the design and development of security controls that ensure the safety of information assets and protect from unauthorized access or intentional destruction..
Participate in complex projects related to information security regulatory compliance and the implementation and maintenance of all information security programs, processes and technologies. Assure the implementation of appropriate security configurations or re-configurations and work with appropriate teams to execute them as required.
Provide support in the, resolution and response to suspected and actual information security incidents, breaches, abuse or system failures. Analyze highly visible and complex security incidents to determine root cause and identify process or system changes to prevent reoccurrence. Recommend and perform fixes, security patches, disaster recovery procedures and other required measures. Assure the preservation of cyber-attack evidence as appropriate.
Bachelor’s degree or equivalent work experience
5+ years experience installing, monitoring and maintaining information security solutions including policy design and implementation.
3+ years experience evaluating and designing security solutions for technology projects.
Demonstrated understanding of security related technologies and practices, including: authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, secure remote access, and fire walls.
Strong/diverse technical background in enterprise networking, firewall, storage options, server infrastructure, operating systems, database technologies, and desktop operating systems and security.
Demonstrated experience contributing and collaborating effectively as an informal leader in a high-functioning team.
Effective organizational, analytical and independent problem solving skills.
Successful experience coordinating and completing multiple tasks within established and changing deadlines.
Strong presentation skills with experience addressing and interfacing with executives and technical staff.
Experience working in the healthcare services industry or other highly regulated/compliance oriented environments.
Experience with regulatory compliance issues.
SANS GIAC; or equivalent security certification.
Job Number 18-72742..