Network Engineer, Security Analyst - Healthcare Facility

Position Overview

The primary function of the Information Systems Security Engineer role is to safeguard the confidentiality, availability, and integrity of data, computer systems, and network devices. This is achieved through the evaluation and implementation of advanced security defense mechanisms aimed at mitigating the risk of cyber threats. This position serves as the foundational support for the Senior Information Systems Security Engineer.

• Threat Research and Forensics:
  Conduct thorough investigations to ascertain the potential impact of emerging threats and exploits, including comprehensive log analysis and network forensics.
• Security Technology Support:
  Assist in the deployment and management of security technologies for scanning, testing, monitoring, and reporting, enhancing overall threat detection and response capabilities.
• Project Execution:
  Collaborate on security initiatives aimed at bolstering detection and response mechanisms. Design alerting frameworks to identify anomalous behaviors effectively.
• Innovate defensive strategies to adapt to evolving adversary tactics.
• Vulnerability Assessments:
  Perform extensive network security scans and penetration tests to uncover vulnerabilities that could be exploited by attackers.
• Incident Response:
  Active role in incident management by conducting detailed technical investigations into breaches to evaluate impacts and mitigate damages.
• Risk Assessment Support:
  Engage in implementation analysis and rigorous technical risk assessments of systems to ensure compliance with established security standards and operational requirements.
• Information Security Tools Management:
  Support the maintenance and operation of various information security infrastructures and tools, including web filtering, IDS/IPS systems, SIEM solutions, antivirus and antispam technologies, data loss prevention systems, and firewalls.
• Regulatory Knowledge Maintenance:
  Stay updated with pertinent regulations, industry standards, and security frameworks (e.g., NIST, HITRUST, PCI, HIPAA) to inform the development of robust security controls that align with compliance obligations.
• Continuous Learning:
  Participate in ongoing education through workshops, seminars, and professional collaborations to keep abreast of advancements in technology and security.

• Educational Background:
  Bachelor’s degree in Management Information Systems or a related field.
• Professional
  
  Experience:
  
  Minimum of two years in an information security role with experience in mobile device security, endpoint protection, wireless defense, vulnerability management, and incident response.
• Certifications:
  
  Current CompTIA Security+ Certification or equivalent, with evidence of knowledge and experience to be secured within six months of assuming role.
• Regulatory Knowledge:
  Familiarity with NIST, HITRUST, PCI, and HIPAA security guidelines.
• Technical
  
  Skills:
  
  Proven background in system administration, experience across multiple operating systems and applications; capable of articulating complex security issues to both technical and managerial stakeholders.
• Analytical
  
  Skills:
  
  Strong critical thinking and problem-solving abilities, with the capacity to perform in-depth research to identify industry-standard solutions for security challenges.
• Project Management:
  Ability to develop, manage, and produce quality results on project plans and tasks within stipulated timelines.
• Technical Proficiency:
  Expertise in implementing and maintaining various security technologies and protocols, including Local Area Networks, Microsoft Active Directory and Group Policy Objects, Data Loss Prevention (DLP), Encryption technologies, Intrusion Detection and Prevention Systems (IDS/IPS), Linux and Windows OS, Multi-factor authentication, Cloud Access Security Broker (CASB), Endpoint Detection and Response (EDR) technologies, and Security Information and Event Management (SIEM) tools.