Security Engineer

Position: Security Engineer I
** Job Category:
** Information Technology
** Work Shift/

Schedule:

** 8 Hr Morning - Afternoon
** Northeast Georgia Health System is rooted in a foundation of improving the health of our communities.**##
*
* About the Role:

**#
** Job Summary
** Junior level position that leverages and expands the capabilities of existing analytical tools and technologies. Recommends new tools, technologies, and intelligence sources as appropriate. Analyzes security systems log files, reconciles correlated security events, and further develops current security event correlation capabilities. Supports investigations with intelligence collection, analysis, and/or dissemination. Builds and Manages Information Security Infrastructure to include Anti-Malware, Data Loss Prevention, End-point encryption, Incident Detection and Response.

Provide guidance for remediation of identified vulnerabilities within the organization environment. Manage identity access controls, ensure data integrity and availability. Drive implementation of Role Based Access Controls and least privilege access. Audit data access. Ensure privacy and compliance of data including management of data classification and labeling.  Serve as technical resource and escalation point for all IT related security needs and participates in on-call rotation.#

** Minimum Job Qualifications**
* ** Licensure or other certifications:
** May hold additional IT network, systems, or cloud security certifications.
* *
* Educational Requirements:

** Associates Degree. Two (2) year degree in Computer Science, MIS or other computer-related field or equivalent experience in similar IT environments required. In lieu of Associates degree, five (5) years of experience in similar environments will be considered.
* *
* Minimum Experience:

** Three (3)+ years of IT security operations experience required.
* ** Other:**#
** Preferred Job Qualifications**
* ** Preferred Licensure or other certifications:
** Cybersecurity Certification recommended. CISSP or CISA certification preferred.
* ** Preferred

Educational Requirements:

**
* *
* Preferred Experience:

** Healthcare IT security.
* ** Other:**#
** Job Specific and Unique Knowledge,

Skills and Abilities

*** Knowledge of information security systems engineering principles (NIST SP 800-160).
* Knowledge of authentication, authorization, and access control methods.
* Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
* Knowledge of systems administration concepts.
* Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
* Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
* Skill in applying confidentiality, integrity, and availability principles.
* Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
* Ability to adjust to and operate in a diverse, unpredictable, challenging, and fast-paced work environment.#
** Essential Tasks and Responsibilities
*** Assess the effectiveness of cybersecurity measures utilized by system(s).
* Coordinate with enterprise-wide cyber defense staff to validate network alerts.
* Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes to system or system components as needed.
* Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
* Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system and ensure that recommended products are in compliance with organization's evaluation and validation requirements.
* Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
* Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
* Apply cybersecurity functions (e.g., encryption,…