Employment Type:

Shift:

Description:

In this role a candidate will be expected to perform enterprise and system focused network and application penetration test engagements. Communicate findings and strategy effectively to client stakeholders including technical staff executive leadership and peers. Apply security testing and penetration testing techniques and mindset to a wide range of projects. Represent Enterprise Information Security on IT standards and review committees. Acts as an advocate and resource on information security for various teams areas and/or system-wide initiatives.

ESSENTIAL FUNCTIONS

• Knows understands incorporates and demonstrates the Trinity Health Mission Vision and Values in behaviors practices and decisions.
• Develops designs and operates one or more information security domains. Provides technical consultation and assistance in identifying evaluating and documenting use of systems and other related services to ensure compliance with EIS policies.
• Independently perform web mobile and thick application penetration tests.
• Perform security reviews of application designs covering all types of applications (web application web services mobile applications thick client applications SaaS)
• Apply offensive cybersecurity testing techniques coordinate testing projects with internal and external systems.
• Reports the nature of identified cyber security risks and recommends risk mitigation measures to improve the cyber security posture of the enterprise.
• Participate in Security Assessments of networks systems and applications
• Work on improvements for provided security services including the continuous enhancement of existing methodology material and supporting assets.
• Participates in site-specific meetings. Participates in the creation of the development and implementation of annual objectives and tactical plans to achieve strategic planning initiatives. Monitors or enforces security policies procedures and standards to ensure conformance with TIS objectives.
• Other duties as needed and assigned by the manager.
• Maintains a working knowledge of applicable Federal State and local laws and regulations Trinity Healths Organizational Integrity Program Standards of Conduct as well as other policies and procedures in order to ensure adherence in a manner that reflects honest ethical and professional behavior.
• Ensures all projects and services meet Trinity Health Information security and regulatory standards policies and procedures while delivering business requirements.
• pay grade 15 range 98240.28-147360.42 Actual compensation will fall within the range but may vary based on factors such as experience qualifications education location licensure certification requirements and comparisons to colleagues in similar roles.

MINIMUM QUALIFICATIONS

• Bachelors degree or an equivalent combination of education and experience.
• Minimum of two (2) to five (5) years of Penetration Testing and or progressive experience tied to IT security operations development with a focus on securing IT environments/infrastructure.
• In-depth knowledge and experience with penetration testing. Expected to test and analyze security functions for malware design weaknesses technical flaws and system vulnerabilities.
• Certification(s) in one or more of the following: GPEN GXPN OSCP OSWE OSCE eJPT eCPPT eCPTX PNPT Burp Suite Certified Practitioner would be ideal.
• Experience in reconnaissance (network & system) exploitation and lateral movement (post exploitation activities) Wi-Fi malware packet analysis reverse engineering.
• Demonstrates proven extensive knowledge of application security network segregation access controls IDS/IPS devices cryptography physical security and information security risk management;
• Experience with tools such as Burpsuite Kali Linux NMAP AttackForge Jira and Git
• Demonstrates knowledge of Networking protocols TCP/IP stack systems architecture and operating systems.
• Demonstrates knowledge of common programming and scripting languages such as Python PowerShell Ruby or Bash.
• Cybersecurity frameworks and methodologies from industry-leading practices such as NIST FFIEC and OWASP.
• Must be team oriented supportive and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.
• Must be committed to continual personal and professional growth possess a pro-active approach with a willingness to go the extra mile every time for the customer.
• Must be comfortable operating in a collaborative shared leadership environment.
• Must possess a personal presence that is characterized by a sense of honesty integrity and caring with the ability to inspire and motivate other.

PHYSICAL AND MENTAL REQUIREMENTS AND WORKING CONDITIONS

• This position operates in a typical office environment. The area is well lit temperature-controlled and free from hazards.
• Incumbent communicates frequently in person and over the telephone with people in a number of different locations on technical issues.
• Manual dexterity is needed in order to operate a keyboard. Hearing is needed for extensive telephone and in person communications.
• The environment in which the incumbent will work requires the ability to concentrate meet deadlines work on several projects at the same period and adapt to interruptions.
• The incumbent must be capable of traveling in the course of completing project assignments.
• Must be available for on-call rotations to support 24x7x365 service availability.
• Must be able to travel to the various Trinity Health sites (up to 20%) as needed (may or may not apply).

Our Commitment

Rooted in our Mission and Core Values we honor the dignity of every person and recognize the unique perspectives experiences and talents each colleague brings. By finding common ground and embracing our differences we grow stronger together and deliver more compassionate person-centered care. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability veteran status or any other status protected by federal state or local law.