Security Engineer

Job Category: Information Technology

Work Shift/

Schedule:

8 Hr Morning - Afternoon

Northeast Georgia Health System is rooted in a foundation of improving the health of our communities.

Junior level position that leverages and expands the capabilities of existing analytical tools and technologies. Recommends new tools, technologies, and intelligence sources as appropriate. Analyzes security systems log files, reconciles correlated security events, and further develops current security event correlation capabilities. Supports investigations with intelligence collection, analysis, and/or dissemination. Builds and manages information security infrastructure to include anti‑malware, data loss prevention, end‑point encryption, incident detection and response.

Provides guidance for remediation of identified vulnerabilities within the organization environment. Manages identity access controls, ensures data integrity and availability. Drives implementation of role‑based access controls and least privilege access. Audits data access. Ensures privacy and compliance of data including management of data classification and labeling. Serves as technical resource and escalation point for all IT‑related security needs and participates in on‑call rotation.

• Licensure or other certifications: May hold additional IT network, systems, or cloud security certifications.

• Educational Requirements: Associate's Degree. Two (2) year degree in Computer Science, MIS or other computer‑related field or equivalent experience in similar IT environments required. In lieu of associate’s degree, five (5) years of experience in similar environments will be considered.

• Minimum Experience: Three (3)+ years of IT security operations experience required.

• Other:

• Preferred Licensure or other certifications: Cybersecurity certification recommended. CISSP or CISA certification preferred.

• Preferred
  
  Educational Requirements:
  
  

• Preferred Experience: Healthcare IT security.

• Other:

• Knowledge of information security systems engineering principles (NIST SP 800‑160).
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honeypots, perimeter protection).
• Knowledge of systems administration concepts.
• Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honeypots, perimeter protection).
• Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
• Skill in applying confidentiality, integrity, and availability principles.
• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Ability to adjust to and operate in a diverse, unpredictable, challenging, and fast‑paced work environment.

• Assess the effectiveness of cybersecurity measures utilized by system(s).
• Coordinate with enterprise‑wide cyber defense staff to validate network alerts.
• Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes to system or system components as needed.
• Ensure that cybersecurity‑enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Identify, assess, and recommend cybersecurity or cybersecurity‑enabled products for use within a system and ensure that recommended products are in compliance with organization’s evaluation and validation requirements.
• Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
• Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non‑repudiation.
• Apply cybersecurity functions (e.g., encryption, access control, and identity management) to reduce exploitation opportunities.
• Prepare for and provide subject matter expertise to exercises.
• Oth…