Security Engineer, Remote
Position Summary: Security Engineer maintains security posture of Steward Health Care through active monitoring of the infrastructure and participation in projects designed to implement security technologies. Provides leadership and support for Security Operations. Requires diverse set of skills including problem-solving, solid verbal and written communication, excellent relationship building experience, and strong leadership skills.
- Support organizational security strategies aligned to enable Steward Health Care’s mission and business objectives
- Serve as a leader of project teams in a cross-functional environment
- Function as a recognized expert to other IT groups on Security Operations Center and incident response related matters
- Provide development guidance and assist in the identification, implementation, and maintenance of organization information security policies and procedures in coordination with organization management and administration
- Perform initial and periodic security assessments for incidents and conducts related ongoing investigative activities in coordination with the other corporate functions.
- Identify key operational areas for continuous improvement
- Occasional after hours and weekend work may be required in order to perform tasks that cannot be done during business hours
- Participate in the call rotations
- Travel to other Steward Health Care sites as needed
- Performs other duties as required
REQUIRED KNOWLEDGE & SKILLS:
- Solid background in Security Engineering & Operations.
- Solid background in incident handling procedures and Cyber Kill Chain methodology
- Work both independently and collaboratively with peers, across teams, and with management
- Knowledge of IT Operations and risk assessment procedures
- Provide guidance on incident response and data leakage control topics to other IT groups
- Proven ability to work under pressure
- Strong analytical and problem-solving skills
- Excellent oral and written communications skills
- Strong knowledge of the various security solutions, such as AV, IPS, IDS, SIEM, VPN, DNS, firewalls, proxies, etc., is required
- Knowledge of and experience in scripting using Python and/or PowerShell is required
- Knowledge of web applications and API is highly desired
- Experience with cloud environments is desired
- Education: Bachelor’s degree in a technical field, or equivalent experience
- Experience (Type & Length): 8+ years of relevant experience with large mission-critical internetworks is required
- Certification/Licensure: Security industry certifications, such as CISSP, GIAC, CISM, CISA, etc. are desirable
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal ability to furnish information. 41 CFR 630-1.35.