Information Security Engineer
at Cottage Health
United States, North Carolina, USA -
| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 29 May, 2024 | Not Specified | 01 Mar, 2024 | 5 year(s) or above | Encryption,It Security,Engineering Disciplines,Endpoint Protection,Systems Programming,Computer Science,Computer Technology,Ips,It Service Management,Operating Systems,Pki,Systems Design | No | No |
Required Visa Status:
| Citizen | GC |
| US Citizen | Student Visa |
| H1B | CPT |
| OPT | H4 Spouse of H1B |
| GC Green Card |
Employment Type:
| Full Time | Part Time |
| Permanent | Independent - 1099 |
| Contract – W2 | C2H Independent |
| C2H W2 | Contract – Corp 2 Corp |
| Contract to Hire – Corp 2 Corp |
Description:
The Information Security Engineer for Cottage Health is responsible for performing services and activities to support the Cottage Health Information Security program. As a subject matter expert, the Information Security Engineer provides guidance on the tactical implementation of relevant security initiatives and services. Areas of responsibility include security architecture, firewalls, monitoring and response, endpoint security, and vulnerability management. Furthermore, this position also supports the Information Security Team in performing security assessments, product evaluations, project support, and any other operational tasks needed to support the Information Security program and strategic objectives.
Major Accountabilities
1. Operational Support
Act as the primary security engineer to manage designated security platforms and services that protect the Cottage Health environment, including next generation firewalls, WAF, authentication services, network access control, and end point security solutions.
Perform penetration testing, vulnerability assessments, and security architecture reviews to help identify external threats and recommend methods for remediation.
Collaborate with various IT and projects teams to provide technical and tactical ("handson") support within securityrelated areas to accommodate SLAs and deadlines.
Assist with reviews of company projects and provide input on potential risks, threats, and appropriate solutions to meet information security requirements.
Support the Change / Release Management processes through adequate vetting and testing of system changes and ensuring adequate documentation.
Be a major influence in promoting the technical understanding of new and existing information security standards or procedures, as they relate to system implementation
2. Risk Management
Support the information security audit process by providing documentation on the implementation of technical controls and remediation of previously identified gaps.
Assist in the development, implementation, and management of security policies, standards, procedures, and guidelines that will assist the relevant teams in the implementation of Information Security Program requirements.
Monitor the effectiveness of technical mitigations and recommend costeffective methods to reduce risk to an acceptable level.
Document and followup on security exceptions relating to IT and property activities that could negatively impact security risks and/or not adhere to established policies, standards, or procedures.
Identify areas that would help automate or improve aspects of the audit process to improve efficiency.
3. Incident Response
Act as a technical expert in the Information Security Incident Response team to address incidents impacting Cottage Health and provide remediation in order to restore normal operations.
Coordinate with MSSP in response to detected threats and mitigations.
Participate in incident debriefing activities to help document lessons learned and support the improvement process overall for the Cottage Health incident response capability.
Participate in business continuity or cyberattack exercises to validate the adequacy of relevant response plans.
4. Continual Improvement
Review effectiveness of technical controls and identify areas for improvement, including evaluation of new technologies and capabilities.
Provide input for improvements to security workflows to make them more effective and efficient, including ticket handling, firewall change requests, WAF/application tuning, etc.
Provide technical briefings to the Director of Information Security on key changes to the threat landscape and or emerging technologies to enable better proactivity.
Formulate planning and develop business case for improvement projects and participate in the implementation, as necessary.
Provide training and advice to less experienced security staff and/or other nonsecurity professionals, as needed.
Stay current on recent security trends and technology through participation in industry forums, newsfeeds, and maintenance of security certifications
LEVEL OF EDUCATION
Preferred: Bachelor’s degree in Computer Science or related field
TECHNICAL REQUIREMENTS
Minimum: Experience in NextGeneration Firewalls, IPS, and Enterprise Endpoint Protection. Knowledge of operating systems, RDBMS, client/server technology, WAN & LAN technologies, communications protocols, PKI, encryption, and HIPAA compliance. Knowledge of engineering disciplines including systems programming, systems design, computer technology and software disciplines. Working knowledge of IT Service Management (e.g. ITIL v3) and project management.
YEARS OF RELATED WORK EXPERIENCE
Minimum: 5 years of IT administration experience, with 2 of those years focused on IT Security.
Preferred: 8 years IT admin experience with 5 years in IT Security
Responsibilities:
Please refer the Job description for details
REQUIREMENT SUMMARY
Min:5.0Max:8.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Computer science or related field
Proficient
1
United States, USA
