Sr Security Engineer
Hyannis, Massachusetts
Employer: Cape Cod Healthcare Inc.
Industry: Information Systems
Salary: Competitive
Job type: Full-Time
Purpose of Position
Work with the Director of Information Security to develop ongoing support of information security policies and procedures in order to maintain the confidentiality, integrity, and availability of all organizational healthcare information systems.
Description
1. Responsible for implementing, managing, and enforcing information security directives as mandated by HIPAA and Information Security best practices.
2. Acts as a subject matter expert (SME) for security tools, applications, and processes, including Microsoft Azure and Office365, Trend Micro, DUO, Imprivata, Nessus
3. Evaluate and respond to alerts and events from the security tools, including tuning of tool configuration to minimize false positives, development of event response documentation and processes for Security Operations Center response to follow for event actions, and escalating to appropriate teams for event response
4. Ensure the ongoing integration of information security with business strategies and requirements.
5. Ensure that the access control, disaster recovery, business continuity, incident response, and risk management needs of the organization are properly addressed
6. Lead information security awareness and training initiatives to educate workforce about information risks.
7. Perform ongoing information risk assessments and audits to ensure that the information systems are adequately protected and meet HIPAA certification and other regulatory requirements.
8. Work with outside consultants and other third parties to improve information security within the organization.
9. Lead and incident response team to contain, investigate and prevent future computer security breaches.
10. Work closely with server and network engineers to mitigate risks.
11. Performs other work-related duties as assigned or requested.
12. Consistently provides service excellence to all patients, family members, visitors, volunteers, and co-workers.
13. Challenges current working practices: identifies process improvement opportunities and presents recommendations and solutions to management. Engages and commits to the organization's culture of continuous improvement by actively participating, supporting, and promoting CCHC Pillars of Excellence.
Qualifications
· CISSP (Certified Information Systems Security Professional) certification required
· Similar technical certifications will be considered with a commitment to obtain the CISSP within six months of hire.
· B.S. In an Information Technology related field, training; or equivalent combination of education and experience.
· Five years experience providing security audits, risk assessments and remediation, and penetration testing in a large corporate environment; preferably in a healthcare environment.
· Strong technical skills a must (application and operating system hardening, vulnerability assessments, security audits, intrusion detection systems, firewalls, etc).
· General understanding of Microsoft cloud security.
· Outstanding interpersonal and communication skills.
· Must possess a high degree of integrity and trust along with the ability to work independently.
· Excellent documentation skills.
· Ability to weigh business risks and enforce appropriate information security measures.
· In-depth knowledge of the HIPAA Security Rule and other government technology laws.
Work with the Director of Information Security to develop ongoing support of information security policies and procedures in order to maintain the confidentiality, integrity, and availability of all organizational healthcare information systems.
Description
1. Responsible for implementing, managing, and enforcing information security directives as mandated by HIPAA and Information Security best practices.
2. Acts as a subject matter expert (SME) for security tools, applications, and processes, including Microsoft Azure and Office365, Trend Micro, DUO, Imprivata, Nessus
3. Evaluate and respond to alerts and events from the security tools, including tuning of tool configuration to minimize false positives, development of event response documentation and processes for Security Operations Center response to follow for event actions, and escalating to appropriate teams for event response
4. Ensure the ongoing integration of information security with business strategies and requirements.
5. Ensure that the access control, disaster recovery, business continuity, incident response, and risk management needs of the organization are properly addressed
6. Lead information security awareness and training initiatives to educate workforce about information risks.
7. Perform ongoing information risk assessments and audits to ensure that the information systems are adequately protected and meet HIPAA certification and other regulatory requirements.
8. Work with outside consultants and other third parties to improve information security within the organization.
9. Lead and incident response team to contain, investigate and prevent future computer security breaches.
10. Work closely with server and network engineers to mitigate risks.
11. Performs other work-related duties as assigned or requested.
12. Consistently provides service excellence to all patients, family members, visitors, volunteers, and co-workers.
13. Challenges current working practices: identifies process improvement opportunities and presents recommendations and solutions to management. Engages and commits to the organization's culture of continuous improvement by actively participating, supporting, and promoting CCHC Pillars of Excellence.
Qualifications
· CISSP (Certified Information Systems Security Professional) certification required
· Similar technical certifications will be considered with a commitment to obtain the CISSP within six months of hire.
· B.S. In an Information Technology related field, training; or equivalent combination of education and experience.
· Five years experience providing security audits, risk assessments and remediation, and penetration testing in a large corporate environment; preferably in a healthcare environment.
· Strong technical skills a must (application and operating system hardening, vulnerability assessments, security audits, intrusion detection systems, firewalls, etc).
· General understanding of Microsoft cloud security.
· Outstanding interpersonal and communication skills.
· Must possess a high degree of integrity and trust along with the ability to work independently.
· Excellent documentation skills.
· Ability to weigh business risks and enforce appropriate information security measures.
· In-depth knowledge of the HIPAA Security Rule and other government technology laws.
Created: 2024-06-28
Reference: 240516-50002606
Country: United States
State: Massachusetts
City: Hyannis
Similar jobs:
-
IT Security Engineer
Compunnel in Marlborough, Massachusetts -
Senior Product Security QA Engineer
The Mathworks in Natick, Massachusetts -
Senior Security Engineer, Corporate Services Security
Amazon in Boston, Massachusetts💸 $143300 per year -
Principal Information Security Engineer
The Mathworks in Natick, Massachusetts -
Senior Security Engineer, Corporate Services Security
Amazon in Boston, Massachusetts💸 $143300 per year -
Director of Cyber Security Architecture and Engineering
Circor in Burlington, Massachusetts -
Network Security Engineer - INTL Mexico
Insight Global in Dorchester, Massachusetts -
Cyber Security Cloud Engineer SME
SAIC in Hanscom Afb, Massachusetts -
Senior Infrastructure Security Engineer
Global Channel Management, Inc. in Framingham, Massachusetts -
Cyber Security Engineer -Secret Clearance
Insight Global in Hanscom Afb, Massachusetts -
Security Engineer, Corporate Services Security
Amazon in Boston, Massachusetts💸 $136000 per year -
Staff Security Engineer, Detection and Response
Verily in Bay Area, Massachusetts -
Software Development Engineer, AWS Enterprise Security Services
Amazon in Boston, Massachusetts💸 $99500 per year -
Network Security Engineer
Indotronix International Corporation in Boston, Massachusetts -
Senior Software Engineer, Google Cloud Security and Privacy
Google in Cambridge, Massachusetts