Cybersecurity Engineer

Lexington Health is a comprehensive network of care that includes six community medical and urgent care centers, nearly 80 physician practices, more than 9,000 health care professionals and Lexington Medical Center, a 607-bed teaching hospital in West Columbia, South Carolina. It was selected by Modern Healthcare as one of the Best Places to Work in Healthcare and was first in the state to achieve Magnet with Distinction status for excellence in nursing care.

Consistently ranked as best in the Columbia Metro area by U.S. News & World Report, Lexington Health delivers more than 4,000 babies each year, performs more than 34,000 surgeries annually and is the region's third largest employer.

Lexington Health also includes an accredited Cancer Center of Excellence, the state’s first HeartCARE Center, the largest skilled nursing facility in the Carolinas, and an Alzheimer’s care center. Its postgraduate medical education programs include family medicine and transitional year residencies, as well as an informatics fellowship.

The Cybersecurity Engineer is involved in the full security life cycle in a multi-platform environment. This role will assist in maintaining an efficient and secure enterprise infrastructure that offers secure and uninterrupted service for our patients and staff. Responsible for designing, implementing, and sustaining risk appropriate solutions in response to business requirements in all compute and storage platforms in a highly complex environment.

Support and use a portfolio of hardware and software solutions that provide cyber defenses across the entire spectrum of the cyber-attack chain from data and identity to enabling disaster recovery. This role is central to the efficient and effective use of platform security solutions, including mobile, cloud, and Lexington Medical Center-hosted environments with the overall goal of enhancing and maturing Lexington Medical Center’s cybersecurity maturity.

• Minimum Education: Bachelor’s Degree in a related field.
• Minimum Years of
  
  Experience:
  
  3 years of progressively responsible experience in cyber security, security engineering, network engineering, computer incident response, systems architecture, digital platform security (cloud), or related experience.
• Substitutable Education & Experience (Optional): Bachelor’s Degree and 3 years of experience can be substituted for a High School Diploma, or equivalent, and 7 years of progressively responsible experience in cyber security, security engineering, network engineering, computer incident response, systems architecture, digital platform security (cloud), or related experience.
• Required Certifications / Licensure: Valid Driver’s License.
• Required Training: Experience performing vulnerability assessments and penetration testing.
• Knowledgeable network firewall and intrusion prevention appliance order of operations.
• Working knowledge of Cloud Security and supporting Technologies (e.g. AWS, Azure, GCP, SaaS, PaaS, DBaaS), particularly Data Loss Prevention within Microsoft O365, Azure Information Protection & AWS.

• Proactively monitor security technologies for unusual or suspicious activities; interpret and make recommendations for resolution. Security technologies include, but are not limited to:
  Firewalls, Logging Aggregation Systems, IDS, IPS, SIEM, NAC, and data loss prevention technologies.
• Proactively identifies zero-day vulnerabilities, abnormal behavioral patterns, security trends, and sophisticated cyber-attack techniques to enhance the security program and safeguard the environment.
• Proactively monitors the threat landscape and current controls to evaluate the effectiveness of the security tools.
• Works with IT teams to develop a security strategy roadmap for enterprise security architecture and the implementation of appropriate safeguards and controls.
• Interfaces with clients, vendors, and multiple teams while providing resolution to incidents as escalated from the Technology Service Center.
• Independently manages assigned projects and meets deadlines.
• Independently develops reference materials (network diagrams, security flow diagrams,…