19 Apr
Sr Security Engineer
Vacancy expired!
- Name:
- Best Contact Info:
- Your Linked In:
- Where do you live and your desired geographical location:
- Why looking for a new job:
- Availability for interviews and a new job:
- Are you open to relocation if required (Client is looking for LA, Ca or Tulsa, Oklahoma):
- Do you have an active Passport:
- Are you open to travel if needed:
- Are you authorized to work in US (US, , Other): Do you require sponsorship at any time or will you in the future?
- Salary Expectations: (I need a range) $
- Sizes of staff overseen and their titles: (include # of direct reports)
- Budgetary Responsibility: $
- Education/Certs/Degrees: (also indicate which certs are active)
- Who Referred You/ How Did You Hear About Job/ DKKD Staffing:
- oversee all security policies, procedures and technologies for our on premise and cloud platforms
- work with the enterprise IT teams to ensure projects and company initiatives are conducted according to enterprise information security requirements and standards
- lead security-based assessments and drive continuous improvement in policy, systems and tools securing critical data and infrastructure.
- Install, configure and maintain use of security infrastructure and tools to automate analysis capabilities for security event monitoring and log analysis. Work with team members, vendor partners and management to enable and support security operations, analyze and investigate security issues and ensure alignment with enterprise security requirements and standards. Provide 24×7 operational IT security support in response to security alerts, investigations and threat remediation. Publish executive level reports summarizing security incidents, identified vulnerabilities, potential exploitations and remediation steps to increase the organization’s security posture. Collaborate with leadership and team members to understand business needs and develop solutions that meet enterprise information security standards. Review proposed system changes and ensure implemented system modifications do not adversely impact the security controls of the system.
- Conduct periodic network scans, vulnerability assessments and penetration testing to detect security weaknesses. Monitor networks and systems and investigate security breaches, through the use of software that detects intrusions and anomalous system behavior. Conduct incident/event investigations, lead incident response and perform forensics analysis to identify, mitigate and contain a security breach. Conduct security program and controls assessments for level of maturity with industry frameworks (NIST) to identify deficiencies. Monitor networks (cloud and on premise) and associated technologies to ensure compliance with enterprise information security requirements and standards. Perform continuous security monitoring and systems security testing, provide mitigation solutions and patching requirements for identified findings. Collect, analyze and report on data from a variety of threat intelligence sources and proactively analyze indicators of compromise (IOCs), and known and emerging threats to the organization.
- Participate in the development of IT security policies and practices, including key security strategies to respond to and recover from security breach events. Participate in the development of tactical response plans, procedures and escalation processes to quickly and effectively respond to potential security incidents. Provide daily support for the adherence of policies, procedures and best practices across the enterprise.
- Participate in awareness training and testing of the workforce on information security standards, policies and best practices. Provide guidance for security needs based on national security organizations, frameworks and industry regulations. Coach, mentor and monitor teams on the IT security program’s policies, procedures, requirements and standards and provide feedback.
- Develop and deliver progress reports, proposals, requirements, documentation and presentations to various audiences, including project teams, sponsors, CIO and key stakeholders. Deliver appropriate and effective executive level communications, as needed.
- Other duties, as assigned.
- Bachelor’s Degree in IT Security, Computer Science, or equivalent OR Equivalent Experience.
- Unexpired Security Certifications (e.g., HCISSP, CISSP, CISA, SANS GIAC, etc.)
- 5+ years’ experience with information security, operational IT security, security architecture & service design; and supporting IT teams from an information security perspective.
- 3+ years’ experience working in a technical, hands-on, information security role; and 2 years’ experience SIEM product administration (e.g. Splunk), security scanning and testing platforms (e.g. Nessus), presenting to Stakeholders and Senior Leaders.
- Working knowledge of HIPAA and NIST CSF standards including 800-37, 800-30, and 800-53.Strong communication (oral and written) skills, including the ability to influence without authority.
- Proficient with MS Project, Excel, Visio, PowerPoint and SharePoint.
- Cloud Security Certification.
- Strong organizational, attention to detail and follow-up skills.
- Ability to work in an ambiguous environment and collaborate across multiple areas.
- Ability to effectively lead virtual meetings and establish rapport with cross-functional teams.
- Experience with digital and/or infrastructure transformation initiatives.
- Knowledge of HITUST and the HITRUST CSF framework.
- Experience in the Healthcare industry.
Vacancy expired!