Serves as a senior expert in cybersecurity defense, engineering and planning. Assists with coordination of day-to-day cybersecurity engineering and defense. Assists Manager with completion of cybersecurity engineering activities, tracking tasks, managing schedules and cyber incident response efforts. Analyzes cyber events to identify threats and leads defensive actions. Assists in developing the goals, strategy and methodologies of the cyber defense program. Prepares detailed briefings of past encounters, creates and delivers presentations on current cyber defense topics.
Leads engineering and implementation of new information security systems and controls, delivering effective and pragmatic risk-prioritized solutions to pressing cybersecurity problems Supports development, design, implementation, integration, and on-going maintenance of systems, applications, processes, security solutions and technologies, based on business and technical requirements.
Assists in scheduling, allocation of work and determination of priorities. Provides leadership, technical assistance, monitors quality of work, and monitors team projects. Trains and mentors junior team members. Makes recommendations on appropriate staff and manager-level training for the maintenance and enhancement of cybersecurity.
Analyzes data from information technology and cyber defense tools to identify potential threats and defend company against all forms of deception and attack. Actively monitors network activity to thwart potentially damaging activities.
Protects company’s information, information systems, networks and all related people by analyzing public and private information sources to develop effective defensive techniques. Remediates exploits based upon past history and works to predict types of attacks most likely to occur in the future.
Leads design and implementation of security response automation, integrating various information and cyber defense tools using scripting languages such as PowerShell and Python to create fast, intelligent responses to common and/or critical cyber incidents.
Maintains and administers tools used to defend company against cyberattack and data loss.
Participates in the development of plans and techniques to mitigate vulnerabilities and improve defenses. Actively participates in developing the goals, strategy and methodologies of the company cyber defense program in alignment with the overall Information Security program strategy.
Performs other duties as required or assigned.
Bachelor's Degree in Computer Science, Healthcare Information Technology, or relevant field preferred. Equivalent knowledge, training, education, and/or experience may substitute for degree.
EXPERIENCE / TRAINING:
Ten years information security experience required.
Direct experience securing cloud-based Microsoft offerings highly preferred.
Technical experience in a multi-datacenter environment with critical, non-stop enterprise applications running in virtual server environments is highly preferred.
Health Information experience preferred.
LICENSE / CERTIFICATION:
CompTIA CASP preferred
GSEC – GIAC Security Essentials preferred
CEH – Certified Ethical Hacker preferred
KNOWLEDGE / SKILLS /ABILITIES:
Knowledge of endpoint protection, intrusion detection, security event monitors, secure proxies, firewalls and other security devices/tools.
Knowledge of incident response methodologies.
Knowledge of hardware and operating systems.
Knowledge of large-scale server virtualization.
Knowledge of applications and data management tools.
Knowledge of cyber threats and vulnerabilities.
Knowledge of adversarial tactics and techniques.
Knowledge of cybersecurity, ethics and privacy principles, along with related regulatory requirements.
Knowledge of encryption algorithms, cryptography, and key management
Knowledge of IAM technologies (Directories, SSO, SCIM, etc.)
Ability to collect and analyze data to guide decision making.
Ability to interpret the information collected by network tools, such as Traceroute, Ping, packet captures, etc.
Ability to analyze and categorize vulnerabilities in information systems.
Ability to organize, standardize, and manage detailed information.
Ability to work collaboratively and effectively in and between teams.
Ability to prioritize, managing multiple competing work efforts.
Strong interpersonal, collaboration, and conflict resolution skills. Ability to exercise strong judgment in analyzing, appraising, evaluating, and solving problems of a difficult procedural, organizational, administrative, or technical nature.