Information Security Engineer

MAJOR FUNCTION:

The Information Security Engineer is part of the Information Security team. The Information Security Engineer works with stakeholders, both leadership and subject matter experts, to design and lead implementation of security solutions to support the organization's strategy, processes, information, and information technology assets.

The Information Security Team's primary purpose is to ensure the resiliency, security, and integrity of the organization's computing environment, protect patient and employee confidential information, and comply with regulatory requirements nationally. In partnership with Clinical, Financial, Knowledge Management, Ambulatory and Systems Engineering teams, the Information Security Team drives Information Security standards into delivered solutions. This position provides a hybrid work environment allowing the Information Security Engineer to work from a home environment and on site.

QUALIFICATIONS:

Education & Experience:

• BA or BS Degree in Computer Science or related degree is preferred.
• 5+ years of experience in the Information Security field as an Information Security Analyst or Engineer
• 3+ years of experience managing enterprise class NextGen firewalls.
• Experience with security tools and technologies such as endpoint detection and response, SEIM, SOAR, email gateways, and asset tracking systems.
• Strong documentation skills and experience creating Project Plans, Visio Diagrams, SOPs, RFPs, etc.

Certification/ Licensure:

• Relevant professional certifications, such as CISSP, CASP, CEH or other security certifications required.

Knowledge & Skills:

• Ability to manage and clearly communicate team priorities.
• Must be a leader who can influence stakeholders in written and oral communications.
• Must be a lead resource for the Information Security Analysts and provide support for the Information Security team.
• Excellent analytical and troubleshooting skills.
• Strong interpersonal skills, in addition to effective customer interaction skills
• Familiarity with threat hunting and overseeing vulnerability management programs.
• Knowledge of Logical Access Controls and Least Privilege reviews
• Strong knowledge in NIST Risk Management Framework, HIPAA compliance, PCI Guidelines and CIS Benchmarks
• Ability to work well under deadlines and in a fast-paced environment.