Cyber Security Engineer
- Job Level:
$90000 - 110000
Cyber Security Engineer needed for a Direct Hire in Stamford, CT. The Cyber Security Engineer is responsible for monitoring the information security environment identifying and responding to potential risks and if necessary, mitigating those risks. In addition, the Security Engineer is responsible for provisioning system access within Health System (SHS) and for ensuring appropriate access to the network and software applications are being granted through role-based access. They are responsible for user provisioning, working with IS peers on defining role-based access, security policy enforcement and auditing for security and HIPAA compliance. The Security Engineer must also be familiar with the Active Directory, forensics investigation, general application functionality, penetration testing, data transfer processes and security regulations. Duties also include the maintenance of healthcare applications and investigation, resolution and notification of issues escalated through Help Desk tickets.
Our client is a non-profit trauma center that is a staple in its community. Bringing attentive care to its patients, our client prides themselves on treating every person who walks through the door with respect.
- Perform routine cyber-security monitoring tasks for Active Directory, network, and firewalls; provide first response to security alerts performing analysis and if possible, a resolution. Escalate to team members as needed.
- Utilizing Cybersecurity tools such as HP ArcSight SIEM, McAfee, vulnerability assessment, MDM and Active Directory responding to and resolving alerts. Escalate to Security Administrator as needed.
- Manages Mobile Device management tool (MDM) tool by creating/updating policies, interacting with users on new installation and troubleshooting issues.
- System administration for multiple systems in accordance with existing onboarding and off-boarding procedures.
- Performs control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommends remedial action.
- Research and assess new threats and security alerts and recommends remedial actions
- Provides system access validation and user provisioning on a daily basis. In this role, it is important to ensure that account access is granted based on appropriate approval and removed timely when individuals separate from the organization.
- Act as primary resource for conducting monthly reviews of terminations and with the coordination of Human Resources to notify supervisors of their non-compliant managers.
- Suspend accounts that remain inactive beyond thirty days.
- Perform HIPAA audits in conjunction with the Privacy Officer to validate appropriate access to Protected Health Information on both random patients as well as VIP patients.
- Develop and maintain role-based access templates for all applications for each job title/function.
- Assist Security Administrator with the creation and maintenance of security policies and procedures in order to adhere to federal regulations and adopt best practices.
- Perform routine and random audits to ensure compliance and enforce policies.
- Works effectively as part of a team in resolving security related issues escalated through the Help Desk in a timely manner.
- Investigates, tests, solves problems with user’s application access rights.
- Provides high level of customer service and appropriate coverage off-hours for critical problems.
- Actively participates in the process of identifying service issues with the outsourced Help Desk and recommending solutions.
- Bachelor’s degree, or equivalent technical training, with a minimum of 2 years of information security experience.
Experience & Skills Required
- Experience with Microsoft 2012 Active Directory Services.
- Experience with Windows 2008,2012 server OS.
- Knowledge of HP ArcSight and Forescout.
- Experience with conducting penetration testing.
- Knowledge of intrusion detection and prevention technologies.
- Knowledge of Microsoft Windows 7 desktop, and Server 2008, 2012 operating system troubleshooting and problem diagnosis.
- Effective documentation skills are essential.
- Ability to:
- Analyze and resolve software issues associated with system access.
- Interact professionally with client community and be committed, helpful, responsive and effective in supporting healthcare applications and activities.
- Ensure the integrity of all Health System information and maintain confidentiality of all hospital, employee, and patient information.
- Assist with special projects and/or tasks as assigned.
- Provide administrative reports as required, periodic updates on activities and updates on user or management inquiries.
- Further the Mission and Philosophy of Health System by treating all daily contacts with respect, courtesy, and patience