Cyber security Engineer III

Job Description

Job Description:

Overview:
The Cybersecurity Engineer III position requires a seasoned information security professional who is a self-starter, results-oriented, multi-disciplined, and comfortable in leading the implementation of system security solutions in multi-vendor complex healthcare environment. The individual in this role will serve as a senior level Engineer supporting Cyber Security Operations and Engineering efforts from a technical perspective in conjunction with the team. This position is responsible for leading efforts in security research, technical analysis, recommendations, configuration, and administration of systems. This role will also be responsible for defining associated processes and procedures to ensure the protection of information processed, stored, or transmitted in our Systems computing environments. This position ensures that security design, consultation, and technology governance oversight is provided for various projects and initiatives in an effective and timely manner. The incumbent also assists system users relative to information security matters and undertakes complex projects requiring additional specialized technical knowledge. This position acts as information security liaison to various business units and other corporate entities as well as the Information Services & Support department. Must have extensive experience in developing, implementing and maintaining an organizational DLP strategy.

Responsibilities:
In depth knowledge of industry standard security technologies, protocols and best practices. Should have experience in developing and maintaining working relationships both within the organization and with external partners. Demonstrated conceptual, analytical and innovative problem-solving and evaluative skills, demonstrated ability to understand and apply security controls broadly, including for system, application and network resources. Strong knowledge and work experience with logical access controls to ensure confidentiality, integrity and assurance of proprietary information. Knowledge and understanding of business processes and information systems of a healthcare institution a plus. Excellent interpersonal skills; including the ability to work effectively in a team environment as a participant as well as team leader. Capacity to work independently along with a willingness to follow and/or seek advice/assistance as needed. Excellent time management, organizational and motivational skills.
• Will focus primarily on the design, architecture, and implementation of data loss prevention and data protection technologies in all areas of the environment including the network, endpoints, application, cloud-based technologies, and virtualization technologies.
• Subject matter expert level knowledge of major world-class DLP platforms such as those offered by vendors like Symantec, ForcePoint, Digital Guardian, Zscaler, as well as, CASB platforms like Microsoft Cloud App Security, Netskope, BitGlass and McAfee offering
• Skilled and experienced in using DLP Tools (including network, endpoint and email DLP)
• Will maintain DLP policies & rules and respond to associated events which support compliance to the companies information security policies.
• Maintain/troubleshoot issues with the DLP security infrastructure
• Maintain a working relationship with a 24×7 external cyber security operations center monitoring service (MSSP).
• Assist in responding to and managing security events. Lead efforts to implement and manage solutions in the areas of virtualization, cloud technologies, data protection, threat protection, and security event monitoring.
• Lead and/or participate in technical discussions around projects and initiatives that require a security architecture and design component.
• Develop operational support plan as well as KPIs and other metrics around the technologies implemented specifically those implemented in the cloud or through virtualization platforms.
• Collaborate with infrastructure architecture, networking, server, endpoint, web and application development teams
• Follow the firm’s project management and SDLC disciplines to insure structured and effective implementation and operations.

Qualifications:
Competencies/Security Technologies:
• Expert level data loss prevention and protection technologies
• Cloud Security
• Virtualization Technologies
• Network Security
• Security Information and Event Management (SIEM)
• Security Architecture and Design – Development and Review
• Security Incident Handling/Response
• Computer, Network, and Policy Auditing
• Experience with Endpoint Security and Endpoint Detection and Response (EDR) Tools

Educational/Technical Requirements:
• Bachelor’s Degree in Computer Information Systems, Computer Science, MIS, Engineering or related technical discipline desired. Active Cyber Security Certifications will be considered in lieu of a formal degree.
• 7+ years of direct cyber or information security experience.
• Experience in a healthcare organization a plus but not required.
• Equivalent work experience in the Information Technology field may be considered.
• Will be able to illustrate a consistent and logical pattern of strategic career investments and professional development that have helped them develop the skills and experience required to be an effective Information Security leader.
• This can include advanced education, industry certifications, professional development, industry thought leadership, and other external interests and pursuits. (I.e. community involvement, philanthropy, etc.)
• Active certifications from SANS, ISACA and/or ISC2 preferred.