THIS IS A 3-YEAR CONTRACT POSITION
Reporting to the Manager of Security Architecture and Engineering, the Cyber Security Engineer will be responsible for protecting digital assets, infrastructure and services on premises and in the cloud. This individual is a key member of the Security Architecture and Engineering technologies team and is responsible for enterprise security architecture, engineering, design, and disaster recovery.
Takes accountability for the development, implementation, and coordination of security technology initiative planning activities in the cybersecurity and Dev Ops security and by engaging with projects and clients and analyzing business needs identified through the development of the business initiative roadmaps. Develops and enhances relationships with key stakeholders, actively manage their expectations, provide strategic consultation and monitor satisfaction levels. Leads activities for development, implementation, and coordination of all security technology planning activities by guiding the following activities; Security Architecture, Security infrastructure design and engineering, SME for all security related escalations and solutions.
Bachelor’s degree and 8+ years of experience in Information Technology field. Additional experience or technology certifications experience in information security; healthcare or academic medical center experience preferred. Prior experience must include at least 4 years of network or cloud security experience
· Security Architecture, configuration, operations, and maintenance of infrastructure, network and supporting software related to the infrastructure
· Defense in Depth principles and technology including access/control, authorization, Identification and authentication, PKI, certificate-based authentication, OATH, SAML and SSO capabilities, network, and end point protection.
· Experience with common backend analytics solutions (SIEM, Malware Detonation/Analysis, Machine Learning Systems, Insider Threat Solutions
· This person should think of infrastructure as code. Candidate will need to work closely with the application development and QA teams on architecture and technologies
· Proven track record developing and implementing security tools and technologies and process integrations both on-premises and in cloud-based architectures
· Hands on experience with secure DevOps environments, AWS and Azure security controls a strong plus
· Hands on experience with programming languages such as Java, Python, Powershell and Ruby for automation and Dev tools experience (Github, Terraform, Jenkins, etc.)
· Application systems, network architecture, multiple platforms and new technologies from a security perspective to include, but not limited to, Firewalls; Intrusion Detection/Protection Systems; Operating Systems (UNIX, Windows); Networking (switches, routers, protocols, etc.); Network Services and Security Vulnerabilities; Network Architecture; Remote Access; Multi-factor Authentication; Platform Security (Application, Database, OS); Antivirus; Cryptography; Active Directory
· Demonstrated proven track record of communicating and working proactively and professionally with internal and external entities and other groups responsible for ensuring that the company is properly protecting its digital assets
· Provide guidance to management by recommending security technologies and solutions that fortify IT Security posture and address regulatory and privacy requirements.
· Improve IT Security posture by collaborating with others to benchmark current environment, identify security gaps against relevant security frameworks and evaluate/implement enhancements.
· Actively implement and be the escalation for troubleshooting IT Security related technology in the environment.
· Perform IT Security probabilistic risk assessments and recommend corrective measures to Senior Management.
· Working experience with Splunk, Palo Alto NextGen Firewalls (physical and virtual), Aruba Onguard, Netflow, Advanced Malware Protection, Rapid7 Nexpose, Forcepoint DLP, CASB, Proffpoint email security solutions
· Strong understanding of networking concepts and protocols (e.g. TCP/IP, LAN, WAN, DHCP, DNS, Routing Protocols..Etc.)
· Knowledge of existing and emerging regulatory compliance requirements (HIPAA, NIST, PCI, FERPA) and industry standard security controls and safe computing practices.
· Hands-on ability to troubleshoot security issues, configurations and incidents on a wide range of devices and computing environments. Knowledge of hardening and securing all well-known versions of Windows, Mac OS and Linux; including well-known applications and infrastructures.
· An attention to detail with a strong sense of customer service and user experience. Must possess strong critical thinking, communication, collaboration, troubleshooting and analysis skills.
· Good interdepartmental skills (Business Units, Human Resources, etc.) with understanding of business terminology, workflows and requirements.
· A strong team player who collaborates and supports the mission and individual team member success. Thrives on challenges in a fluid working environment and takes initiative to learn new technologies.
· Understanding of the legal aspects of data acquisitions, electronic discovery and forensic investigation.