The Security Engineer works as a member of the Information Technology Security team. The successful candidate will possess deep technical knowledge of current security technologies, have a solid understanding of information security and networking, and have extensive experience interacting with customers. The Security Engineer is responsible for delivery of client-specific security management solutions. The Security Engineer serves as an escalation point for critical and complex client issues, performs configuration and testing of products, assists with developing and documenting work processes, and trains other members of the team. The primary focus for this role is to act as a subject matter expert for log monitoring security tools and be able to configure, manage, operate and administer the platform for managed security events.
PRIMARY DUTIES AND RESPONSIBILITIES
- Subject matter expert for onboarding security components for new clients.
- Manage appliance or virtual appliance OS and security/log monitoring software.
- Create innovative solutions to automate and reduce timeframes for operational changes as well as initial installation of the platform.
- Create innovative solutions and make recommendations to management for improving security processes, and respond to security alerts.
- Must be able to innovate, study, create, and very proactively bring improved/increased security recommendations to supervisor.
- Security Management including:
- Configure backups, verify custom reports, manage log source groups, and validate log sources with client.
- Create rules for compliance and audit requirements and create and manage Watch Lists for current threats.
- Review and apply any newly available and applicable log monitoring tools and/or appliance/virtual appliance software or policy updates monthly.
- Perform formal Health Check and administrative password change.
- Perform formal Architectural Review.
- Create custom rules/rule modifications and custom reports/report modifications as needed.
- Manage log monitoring user accounts (create, delete, modify, etc.).
- Add/remove log sources. Troubleshoot issues with log sources or systems with vendor, and report system defects as needed.
- Manage product enhancement / feature requests with vendors as needed.
- Perform software upgrades, updates and patches as needed.
- Create client-specific Watch Lists as necessary.
- Perform technical account management duties for specific top-tier, strategic clients.
- Responsible for major environmental changes to log monitoring tools, including upgrades, and for coordination with the customer change management process.
- Create custom documentation for internal and external needs.
- Attend vendor-specific meetings and conferences for business and professional development.
- Responsible for testing and configuring new products and technologies.
- Assist with designing and documenting work processes within Security.
- Perform other security engineering duties as assigned.
The Security Engineer has no direct reports.
Education and Experience
- Bachelor’s Degree in Information Technology, Information Security, Computer Science, Engineering or related field of study; or at least four years of related experience and/or training preferred.
- Security Information and Event Management (SIEM) proficiency of at least four years of related experience and/or training preferred.
- Security+, CISSP, GCIH, GIAC, GPEN, CEH and/or other industry certifications preferred.
- Excellent written and verbal communication skills required.
- Solid understanding of Information Security and Networking required, including known protocols and services (FTP/HTTP/SSH/SMB/LDAP).
- Outstanding time management and organizational skills required.
- Ability to work nights or weekends as required.
- Flexibility of hours worked/on call rotation as required.
- Demonstrated understanding of the threats and vulnerabilities that modern healthcare organizations face.
- Demonstrated understanding of PCI, HIPAA etc.
- Familiarity with command line interfaces and graphical user interface tools, including Windows, Linux, and Mac OS, etc.
- Strong working familiarity with packet analysis tools.
- Keen ability to diagnose and troubleshoot technical issues; excellent problem-solving skills.
- Ability to think logically, troubleshoot IT systems, present findings, make recommendations of effective solutions and work with other teams to remediate.
- Lead large meetings and present information to management and hospital staff.