Job Summary
The Cyber Security Engineer is responsible for operating and supporting all components of the technical security infrastructure utilized to maintain the security and integrity of systems and data. The security engineer is required to have a working knowledge of all aspects of information security within the company. Their primary job function is to analyze, implement and operationalize the security measures of the company to ensure an effective security posture and response capability. The security engineer will perform routine system intrusion testing, monitoring of security infrastructure components and maintain the documentation of the security infrastructure. The security engineer will work with other staff members, customers, vendors and other IT professionals to report security flaws, remediate issues discovered and implement configuration or process changes to continually improve systems and data security. The security engineer will maintain documentation of security issues, events, and discrepancies to support the regulatory reporting requirements of the company and its customers.
Job Responsibilities
- Develops and maintains documentation of security infrastructure design and configuration.
- Performs routine vulnerability scans of network attached devices, evaluates the scan results, and takes appropriate action to address vulnerabilities discovered.
- Assesses risk level of any discovered security events and takes appropriate action to mitigate the risk and/or escalates the risk response to the appropriate resource if additional action is required.
- Collaborates with appropriate organizational staff to develop and implement remediation plans for security events discovered.
- Performs or assists with security evaluations of proposed system implementations.
- Assists with the development of security policies and procedures to meet organizational needs.
- Reviews and evaluates system logs and alerts from a variety of security monitoring systems on a scheduled basis.
- Monitors and reports on capacity, operational performance, and operational readiness of the security infrastructure.
- Maintains the operational readiness of the various components of the security infrastructure.
- Implements additions or modifications to the security infrastructure to maintain alignment with and support of applicable organizational policies.
- Provides routine operational security status reports to the Information Technology Security Administrator, and others as directed.
- Utilizes a variety of software and hardware tools, including vendor acquired and open source tools to assess security issues and provide ongoing security monitoring.
- Documents remediation actions taken to address security events discovered.
- Other duties may be assigned.
Requirements
Education: Bachelor’s Degree preferred
Required Experience: 2 – 5 years
Licensure/Certification/Registration:
Required or attainment within 12 months of hire date:
- CISSP, GIAC, COMPTIA Security+ or other applicable security certification/accreditation is desirable
Populations Served
While performing this job, the employee may care for patients in the following age groups.
- No direct responsibility to treat or care for patients
While performing this job, the employee does not care for patients in the following age groups.
- Neonate (< 30 days)
- Infant (< 1 year old)
- Early Childhood (1 year and < 5 years old)
- Late Childhood (5 years and < 13 years old)
- Adolescent (13 and < 17 years old)
- Young Adult (17 to < 30 years old)
- Middle Adult (30 years to < 60 years old)
- Older Adult (> 60 years old)
Serves patients in areas other than direct patient care