The Sr Security Engineer is responsible for providing technical expertise and direction in developing, implementing and supporting technology applications to ensure they are deployed and operated securely.
Effectively, design implement and maintain complex security technologies and projects that support the underlying security policies and procedures.
Design, document and implement appropriate solutions to supportsecurity policies and standards that protect information assets. Provide subject matter expertise to the creation of new and updates to existing policies, standards and practices.
Operational duties include security technology management, boundary and network defense, endpoint defense, supporting information security incident response, and vulnerability and threat remediation.
Maintain expertise on security and vulnerability trends. Remediate systems based on supplied threat intelligence information.
Ensure that new and existing solutions are installed and maintained to meet security requirements.
Lead remediation based on audits or reviews of internal and vendor securityprocesses, procedures and compliance controls.
Serve as a security expert on application development, database design, network and/or platform (operating system) projects, helping project teams comply with enterprise and Technologysecurity procedures and capabilities.
Design, test, implement, maintain and support current and future complex information security technologies, processes and procedures. Lead the design and development of security controls that ensure the safety of information assets and protect from unauthorized access or intentional destruction..
Lead complex projects related to information security regulatory compliance and the implementation and maintenance of all information security programs, processes and technologies. Assure the implementation of appropriate security configurations or re-configurations and work with appropriate teams to execute them as required.
Assume a subject matter expert (SME) role in the, resolution and response to suspected and actual information security incidents, breaches, abuse or system failures. Analyze highly visible and complex security incidents to determine root cause and identify process or system changes to prevent reoccurrence. Recommend and perform fixes, security patches, disaster recovery procedures and other required measures. Assure the preservation of cyber-attack evidence as appropriate.
Bachelor’s degree or equivalent work experience
7+ years experience installing, monitoring and maintaining information security solutions including policy design and implementation.
5+ years experience evaluating and designing security solutions for technology projects.
Demonstrated understanding of security related technologies and practices, including: authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management, secure remote access, and fire walls.
Strong/diverse technical background in enterprise networking, firewall, storage options, server infrastructure, operating systems, database technologies, and desktop operating systems and security.
SANS GIAC; or equivalent security certification
Demonstrated experience contributing and collaborating effectively as an informal leader in a high-functioning team.
Effective organizational, analytical and independent problem solving skills.
Successful experience coordinating and completing multiple tasks within established and changing deadlines.
Strong presentation skills with experience addressing and interfacing with executives and technical staff.
Experience working in the healthcare services industry or other highly regulated/compliance oriented environments.
Experience with regulatory compliance issues.
CISSP, CISA, CISM or CRISC; or equivalent security certification
Job Number 18-72719.