Cybersecurity Sr Engineer Vulnerability Management
Cybersecurity Sr Engineer Vulnerability Management
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Overview
Responsibilities
This is a remote position.
Job Summary
The Cybersecurity Senior Engineer Platform Support position supports the Vulnerability Management (VM) program for CommonSpirit Health. This program provides cyber hygiene requirements and guidance performs technical security assessment services maintains VM security systems and workflows and provides engagement and reporting services on specific and systemic security vulnerability and configuration issues for the enterprise.
The Cybersecurity Senior Engineer will report to the Manager Vulnerability Management as part of the overall Cyber Vigilance and Defense team focused on identifying protecting responding and containing threats and vulnerabilities to the overall CommonSpirit organization.
The Cybersecurity Senior Engineer monitors the threat and vulnerability landscape and changing business requirements to identify functional technological and/or control solutions. Integrates all cybersecurity solutions in an optimal manner to best protect the organization from cyber threats and exposures. Technological solution owner responsible for technology selection based on business requirements. Drives the design development configuration and implementation of solutions and optimizes solutions to resolve highly complex technical and business issues related to cybersecurity and cyber hygiene. Designs develops and implements solutions to successfully integrate new information security and vulnerability assessment and management systems with the existing architecture.
May drive one or more projects acts as a subject matter expert (SME) for one or more security or vulnerability assessment or management areas. May act as team-lead for other security personnel. Mentors other engineers as a leader in the organization.
Job Responsibilities
- Provides leadership on the establishment and maintenance of vulnerability assessment platforms and engines scan template creation and management scan cycle management account management periodic systems or applications checks data integration with other platforms troubleshooting issues and configuration of sites and scans.
- Designs develops and implements new solutions to integrate into existing or newly defined architecture.
- Provide leadership on team related engagement with Security Engineering Identity Management Engineering Security Architecture CSOC Network Engineering Clinical Engineering Systems Engineering Application Development and/or other IT Operations and business function owners.
- Design and Implement new vulnerability scanning sites and services as needed.
- Act as a security advocate for IT Operations teams adherence to CommonSpirit Health policies security standards and requirements and industry best practices.
- Manage workload prioritizing tasks and documenting time and other duties as directed by management.
- Pursue continuing education to grow and maintain knowledge of best practices compliance requirements vulnerabilities threats and trends in information security translating into operational action items policies procedures standards and guidelines as part of the IT Security team.
- Participate in the collection and documentation of departmental knowledge artifacts participant in the development and population of knowledge management and collaboration systems for the IT Security team.
- Communicates security and technical information to team members and across the IT Organization.
- Assists Management in identifying knowledge process and technology gaps.
- Provide service line support for vulnerability and configuration remediation engagement and escalation. Process Information Security vulnerability and configuration issues and tickets of moderate to difficult complexity
- Perform reviews and analysis of system and applications vulnerabilities and configurations and support Security technical Risk Management processes.
- Proactively identify engage on and escalate vulnerability and configuration issues either system/application specific or systemic. Lead specific engagement and remediation efforts.
- Assist with technical vulnerability assessment services.
- Designs develops configures and implements solutions to resolve intermediate to complex technical and business issues related to information security.
- Reviews and consults on security of technology solutions to resolve intermediate to high technical and business issues.
- Provides support and works on multiple functions of intermediate to high complexity.
- Serves as SME for one or more technical solutions
Qualifications
- Bachelors Degree in Computer Science Information Security Information Systems or related field or equivalent professional experience required.
- Two or more relevant technical/professional security certifications (such as: COMP-TIA Network Security SANS GIAC CISSP CRISC CISA or vendor-specific) preferred.
- 4-5 years job related experience required specifically administering maintaining supporting and designing Rapid7 vulnerability assessment environments.
- 5 years job related experience preferred.
- Experience in Windows UNIX/Linux OS required.
- Functional understanding of regulatory and compliance mandates and frameworks including but not limited to: HIPAA HITECH PCI Sarbanes-Oxley Center for Internet Security (CIS) or NIST preferred.
- Experience conducting Vulnerability Testing (Network Application Database and/or System Security) Analysis Prioritization and Documentation and the management of communication with leadership and affected stakeholders preferred.
- Knowledge of healthcare environments preferred.
- Previous project management or project coordination experience preferred.
- Previous Information Security experience in the healthcare/medical environment strongly preferred.
#LI-Remote
#LI-CSH
Required Experience:
Senior IC
Employment Type
Unclear
