Network​/Firewall Security Engineer - Information Tech; Onsite

Job Description

The IT Security Engineer develops and maintains enterprise‑wide security architecture and strategies for all aspects of the security domain in alignment with the business strategy and goals. He/she provides technical and security expertise to IT and business teams to understand technical constraints, identify security technology solutions, and develop security reference architectures and strategies to achieve business results. The IT Security Engineer identifies and drives remediation for vulnerabilities discovered across Tanner Medical Center's systems and applications.

He/she builds on platforms to automate processes for triage, as well as prioritise security deviations for closure and to provide insight into the state of security at Tanner Medical Center. In this role, the IT Security Engineer will also act as a consultant to other analysts and development teams for planning and implementation of IT initiatives across the Tanner Business Units.

Education:

Bachelor's Degree plus at least one year of training in a specialty resulting in certification.

Experience:

Six years of related experience. Requires advanced knowledge in highly specialised systems and procedures.

NONE REQUIRED

• Bachelor's degree in computer science or IT Technology
• Prior experience performing in the role of an IT Security Engineer.
• Prior experience working in IT within the healthcare industry.
• Understanding of Information Security frameworks and good practices (e.g., ISO, NIST, MITRE ATT&CK), and ability to strike a balance between an academic and pragmatic approach.
• Understanding of computer, application and network exploits and vulnerabilities.
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of Identity Management Protocols and Software (e.g., ADFS, SAML, OKTA)
• Knowledge of cryptography and cryptographic key management concepts.
• Working knowledge of how system components are installed, integrated, and optimised.
• Working knowledge of cybersecurity principles and organisational requirements (relevant to confidentiality, integrity, availability, authentication, non‑repudiation).
• Demonstrated experience in applying cybersecurity methods, such as firewalls, demilitarised zones, and encryption.
• Working knowledge of network access, identity, and access controls.
• Working knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
• Knowledge of network design processes, including an understanding of security objectives, operational objectives, and trade‑offs.
• Working knowledge of key concepts in security management (e.g., Release Management, Patch Management, etc.).
• Working knowledge of configuration management techniques.
• Working knowledge of device and client firewall policies within endpoint management systems targeting Windows, iOS, Android, MacOS, and Chrome
  
  OS devices.
• Ability to create technical procedural documentation.
• Experience working with Security Information and Event Management (SIEM) and event log management.
• Experience working with Privileged Access Management Systems (PAM).
• Experience working with Vulnerability Management, Managed Detection and Response, and Intrusion Detection Prevention Systems.
• Experience in incident response processes and procedures related to cyber incidents and forensic investigations.
• Strategic thinking and strong tactical execution.
• Strong written and verbal skills.
• Strong customer service skills during interactions with clinical staff, end‑users, contractors, and vendors.
• Preferred Licences and
  
  Certifications:
  
  CISSP, GIAC.

No, not a remote employee

1st/Days

Monday-Friday 8:30AM-5PM— On Call every 7 weeks