The Cyber Security Engineer will monitor, track and report on relevant security events, their types and sources. Applies technical and functional expertise to collect, normalize and characterize cyber incident and event data in order to identify anomalous or malicious activity, including intrusions, attacks, data loss or other prohibited activities. Analyzes and correlates incidents and events that may involve data breaches or malicious activity against our network.
* In partnership with the Director of Information Security, architects, designs, implements, maintains and operates information system security controls and countermeasures
* Ensures that weekly, monthly, quarterly, semi-annual and annual HITRUST measurements are completed in a timely manner and show positive progress.
* Works with HITRUST assessors annually to ensure certification criteria are met.
* Automates the collection of HITRUST measurement data.
* Partners with the Infrastructure team to ensure policies and procedures are communicated, and acts as an auditor of those processes.
* Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities and trends.
* Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
* Identifies potential impact to systems and data by analysis of intelligence reports, forensic reports and reverse engineering of malware reports.
* Determines associated indicators of compromise (IOCs) to develop and distribute countermeasures to detect and prevent identified threats.
* Evaluates IOCs from incidents to determine association with known computer network exploitation (CNE) groups.
* Thoroughly investigates the IOCs for other infrastructure possibly related to the CNE teams (domain registration, IP ownership, VPN infrastructure, strains of malware, etc.) for the possible addition of proactive defensive measures.
* Responsible for preventing and mitigating the potential impact of cyber-attacks by developing, distributing and sharing countermeasures that may impact networks and information systems.
* Administers authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
* Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
* Analyzes and assists with the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
* Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.
* Other security tasks and responsibilities as needed.
* Bachelor's degree in Computer Science or a related field required
* Security+ certificate or equivalent required
* 7-9 years of experience in building and maintaining security systems
* 7-9 years of security experience including: IDS, IPS, DLP, vulnerability scanning, patch management, event log monitoring, MFA, MDM, DR/BC Planning, incident response, firewall configuration, and other advanced information security programs
* 3+ years of experience working with Check Point products
* In-depth knowledge of PKI & Certificate management
* Experience with compliance & certification programs such as HITRUST, OWASP, NIST, PCI, HIPAA, SOC, etc.
* DLP & CASB Policy experience
* Experience working with 3rd party Penetration Testing vendors and Audit partners
* Experience with endpoint security products/services, including Mobile Device Management
* Detailed technical knowledge of cloud, database and operating system(s) security
* Intermediate skills in Microsoft Office software suite - Word, Excel, Outlook, PowerPoint
* Ability to communicate effectively and to interpret regulatory guidance and identified vulnerabilities for a wide audience
* Strong interpersonal skills and good judgment with the ability to work alone or as part of a team
* Disciplined work ethic
* Ability to prioritize and be timely on projects and deliverables