Senior Network Engineer, Med Plaza, 8:00a-4:30p

About The Position

Requirements

• High school diploma or GED/ equivalent (required)
• Bachelor’s degree (preferred)
• Bachelor’s degree AND four (4) years of experience in an information systems security environment (required) OR Eight (8) years of experience in an information systems security environment working with data, software, hardware, network, web and access management (required)
• Prior account administration experience, including Active Directory LDAP and IAM (required)

Nice To Haves

• Experience leading, executing and operating enterprise scoped security projects in the following domains: platform security, end point security, network security, infrastructure, cloud security, data security and threat prevention (preferred)
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) (preferred)

Responsibilities

• Identifies, drafts, maintains, and discusses security policies, guidelines, procedures, and documentation based on industry standards
• Maintains a high security posture by assuring adherence to compliance and standards, policies and procedures and by monitoring the systems, hardware/software, and infrastructure
• Assists the AVP IT Security in the vetting, design and implementation of newly acquired network security technologies and to create strategies to mitigate organizational risk
• Assists in the development of security event monitoring and alerting content related to network security toolsets; works with other teams to develop end user security awareness and training and monitoring solutions, prevention tools, penetration testing and Incident Response
• Advances the cyber threat analytic tradecraft of the team and program
• Stays abreast of emerging threats and threat actors; utilizes existing and open source security investigation toolsets to identify attack vectors and reduce the overall attack surface; uses up-to-date technical insight on current threat and attack vectors to identify vulnerabilities and risks in the design of ULP infrastructure (networks, systems, applications) and uses this information to draft, discuss, and implement solutions and adjust the solution quickly based on new information as it arises
• Provides support to investigations & incident management team on matters of information security, intrusion mitigation/detection and computer forensics
• Manages and oversees security policies/configuration for DBMS, applications, systems, etc in both on-premise and cloud-hosted solutions (e.g., encryption keys, access controls, separation of duties, database audit logging, Central Audit Logging/Monitoring, etc.)
• Manages the team to ensure the configuring, tuning, and review and of security logs (e.g., central systems logging, database logging) to reduce false positives and improve detection of anomalies
• Manages and oversees vulnerability security scans of systems to help identify and correct infrastructure security issues found in environment; conducts security scans, vulnerability analysis and risk assessments
• Advises leadership through the creation of scorecards and reporting that displays current risk profile and provide insight for decision making
• Advises leadership when new regulatory rules (draft and final) are released, organizes meetings to present the results and helps to provide comments for CMS and proposes solutions to implement the rules (controls) in the system
• Provides proactive analysis and options for systems and operations changes to implement regulatory requirements; manages technical security requirements and designs sessions to ensure that solution architecture complies with all applicable State and Federal regulations