Cyber Security Engineer Jobs

you will be responsible for monitoring our network for security breaches and potential vulnerabilities and responding quickly and effectively to any incidents that arise. This will involve conducting forensic investigations, analyzing security logs and events, and implementing appropriate countermeasures to prevent future attacks.

You will also be responsible for conducting regular threat hunting exercises to proactively identify potential security risks and vulnerabilities. This will involve using a variety of tools and techniques to analyze network traffic, identify suspicious activity, and take appropriate action to protect our systems and data.

In addition to these core responsibilities, you will also be expected to work closely with our network and system administrators to implement security best practices and ensure that our systems are properly configured and maintained. This will involve providing guidance and support on a variety of technical issues, as well as staying up to date with the latest developments in the field of cybersecurity.

To be successful in this role, you will need to have a strong technical background and a deep understanding of cybersecurity principles and practices. You should be a self-starter with excellent problem-solving skills and can work well both independently and as part of a team. A bachelor's degree in computer science, information technology, or a related field is preferred.

Requirements

• Oversees cyber security monitoring, vulnerability assessment, incident response, forensic analysis, intrusion detection/prevention, and resolution of cybersecurity incidents
• Responsible for protecting Data including Protected Health Information (PHI) Data, Personally Identifiable Information (PII) Data, Employee Data and Sensitive Business Information
• Oversees the development of Incident Response Plan and identifies areas of improvement to ensure operational readiness
• Balances operational business needs alongside healthcare requirements to defend against evolving cyber-threats
• Responsible for development and oversight of third-party managed security services and engagements
• Executes best-practice and oversees teams working to identify risk and safeguard the organization from security threats, weaknesses, and vulnerabilities
• Modernizes and implements an Operational Data Governance model
• Oversees Cyber Security Council and Incident Response Teams. Participates as a member of Policies and Procedures Committee
• Partners with Compliance and IT General Controls Teams to ensure adherence to Regulatory Frameworks (HIPAA, PCI, CCPA, etc.)
• Manages Vendor Risk Assessment program
• Evaluates potential business impacts of emerging cyber-risks and provides strategic and tactical guidance to business leaders
• Evaluates and recommends complementary technology to solve business needs (overcome challenges, develop competitive advantages with the goal of increasing profitability)
• Manages partner security-related communication, assessments, and responses
• Works with Legal, Compliance and IT Teams to establish and maintain controls that protect data and appropriately manage its lifecycle
• Collaborates with IT General Controls ( "ITGC) team to support secure compliance with ITGC requirements, including User Lifecycle Administration
• Stays informed of emerging threats through professional affiliations with cyber security groups (Infragard, CISA, CyberHealth Working Group, etc)
• Ensures clients alignment with recognized Cyber Security Frameworks (NIST, ISO, SOC, CIS) toward implementing best practice and minimizing risk
• Guides employees, contractors, and external users on cyber security best-practices through a Cyber Awareness Platform
• Stays in-tune and educates the organization of new cyber-threats and cyber-technology and industry best-practices
• Leads the development and mentoring of dedicated technical teams. Selects, evaluates, and recommends personnel resources
• Collaborates with internal partners (Executive Leadership, IT Leadership, Clinical Operations, Compliance, Systems Administration, and Network Administration) in building and implementing protection of critical systems, data, and workflows through understanding of business objectives
• Responsible for development and oversight of Vulnerability Management Program and Security Patching program

Defines operational success goals and metrics to measure program efficacy.

• Experience with cyber-incidents, and coordinating responses to such incidence, is required
• Minimum five to seven years of infrastructure, networking, and systems security experience required
• College education or work experience in a related field is required
• Experience with cyber-insurance requirements is a plus