Our Client is in need of an Information Security Engineer for a full time position in Montebello, CA.
May require travel to sites.
Job Summary
The IT Security Engineer is responsible to identify, evaluate, and implement technical security controls to prevent, detect, contain, and respond to information security threats which includes supporting the technology efforts of the Client. This person is required to analyze threats using a variety of security technologies including a SIEM, email filtering, phishing detection, web filtering, firewalls, intrusion prevention, data loss prevention, and data encryption. Reviews and provides guidance for security configuration of Servers, Firewalls, VPN, Intrusion Prevention Systems, Routers and Switches. Required to lead projects and project teams within and outside the security department. Must maintain an in-depth understanding of current and emerging security threats, recommending upgrades to the organization's technical infrastructure to protect against such threats. This individual also assists in the development and maintenance of information security strategy and will be required to provide support across other technology and business units, ensuring the implementation and operation of the appropriate security controls across the organization are aligned with Information Security policies and standards.
Skills And Abilities
- Strong analytical skill set to decipher business needs and recommend solutions.
- Must have the ability to manage multiple deadlines.
- Excellent problem solving abilities.
- Detailed oriented and able to follow-up and follow-through on project actions and tasks.
- Demonstrated ability to address IT risk by coming up with the appropriate security controls to mitigate the risk to the business.
- Excellent communication and organization skills, both written and verbal
- Superior customer focus and the ability to manage customer expectations.
- Demonstrated commitment to and leadership of continuous process improvement.
Physical Requirements
- Ability to sit, stand, stoop, reach, lift (up to 10 pounds), bend, etc., hand and wrist dexterity to utilize computer.
- May require travel to sites/program and special functions.
Environmental Conditions Critical To Performance
Work is in an office environment, climate controlled through central air conditioning.
Education And Experience
- Bachelor’s Degree in Computer Science, Health / Business Administration or Information Technology and 2 years of progressive experience in information security as an engineer, architect or analyst.
- In lieu of a college degree, 4 years of progressive experience in information security as an engineer, architect or analyst.
- Knowledge and understanding of relevant legal and regulatory requirements (i.e. HIPAA, PCI, Privacy, etc.) is required.
- At least one security industry certification is preferred (CISSP, CISM, CISA or SANS), but not required.
- Knowledge of healthcare industry and hospital operations preferred.
- Appropriate certification in risk management and/or health care compliance desirable.
Essential Job Functions Of Job Description
- Serves as security engineer for network, infrastructure, application, end point, database, operating system and cloud security controls, helping Health Services comply with enterprise and IT security policies, Federal/State law, industry regulations and best practices.
- Assists with interpretation of information security policies, standards, and other requirements as they relate to specific internal and externally hosted IT systems and assists internal and external technology teams in the implementation of information security requirements.
- Recommends security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Participates in ensuring that IT Security controls meet the requirements of all regulatory and/or contractual requirements; HIPAA, PCI Security Standards, State and Federal Privacy Laws, etc.
- Assists in the designing and engineering of internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability
- Serves as an active member of incident response teams and participates in security incident response efforts by having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. Acts as a technical consultant on information security incident investigations and forensic technical analyses.
- Ensure all areas of the Information System and Technology environment adhere to established standards of good practice or defined frameworks (NIST, ISO, COBIT, etc.)
If qualified and interested in this opportunity, please apply with an updated resume and annual salary requirements.
No Corp to Corp / No Sponsorship / W2 Only / No third party candidates considered for this position.
JPC-6939