Information Security Engineer

Job Summary

The Information Security Engineer assists with day-to-day information security operations and helps implement the Information Security Strategic Plan to enforce HIPAA and PCI compliance. Responsibilities include managing, monitoring, and maintaining information security devices such as encryption technology, intrusion prevention systems, threat detection tools, SEIM tools, and web content filtering technology. Analyze and create reports based on information gathered from security technology and report to the CISO on a daily basis.

Perform detailed information security assessments on Harris Health System information systems to ensure compliance with federal and state regulations. Assist with e-discovery, forensic and internal penetration testing. Other information security duties as assigned.

Four (4)-year degree in a technology-related field or equivalent work experience. Knowledge of HIPAA Security rule, HITECH, PCI, NIST standards, Sans Top 20, ISO
27000 series, incident investigation and documentation, and compliance is required. CEH, GIAC certifications, Cisco security certification, CISSP or CISM are highly desirable and must be obtained within six months of accepting the position. Specific vendor security certifications may be considered.

Five (5) years of related industry experience (clinical or business). Four (4) years in security and technical roles. Ability to evaluate and review a range of information systems and applications, including but not limited to Encase, Fire Eye, Cisco Firewall/IPS, CheckPoint Point Sec, Rapid7 Nexpose, Metasploit, Mobile Iron, ProofPoint, Imperva, Qradar, Radware, SEIM, Source Fire, Websense WSGA/DLP.

Communication

Skills:

Above-average verbal, exceptional verbal such as public speaking. Writing/Composing: correspondence/ reports. Other

Skills:

Analytical, PC and Word processing.

Eligible for Telecommute.