IT Cloud Engineer Security III

Job Description:

Summary:

The IT Cloud Engineer - Security provides the vision strategy functionality and technology solutions for creating and maintaining security system and solutions for both public and private cloud infrastructure-based solutions. This position collaborates with the Information Technology teams to lead the organization toward the deployment of technologies which focus on the trust risk and security management of the company environment. These may include PaaS SaaS hosted and on-premises solutions allowing for flexible secure on-demand cloud-like functionality and services while endeavoring to provide resiliency and achieve cost reduction while maintaining a highly secure and flexible environment.

Essential Accountabilities:

Level I

• Enforces and integrates security solutions tools and appropriate controls to align to security policies standards and procedures.
• Stays current with leading security technologies standards and best practices as well as cyber threat landscape and evolving mitigation approaches and techniques.
• Acts as a high-level escalation tier for operational support in assigned technical areas.
• Conducts proof-of-concept testing in a lab environment.
• Creates updates and maintains supporting documentation for technology standards.
• Designs and deploys security solutions to support and ensure alignment with business requirements.
• Works with technology vendors and technical subject matter expert (SME) to produce corporate standards with regards to assigned technology areas.
• Collaborates and/or leads engineering solutions integrating multiple systems and/or technologies.
• Consistently demonstrates high standards of integrity by supporting the Lifetime Healthcare Companies mission and values adhering to the Corporate Code of Conduct and leading to the Lifetime Way values and beliefs.
• Maintains high regard for member privacy in accordance with the corporate privacy policies and procedures.
• Regular and reliable attendance is expected and required.
• Performs other functions as assigned by management.

Level II (In addition to Level I responsibilities):

• Acts as a primary engineer for assigned technology areas maintaining highly performant and optimized infrastructure environment.
• Researches technologies and perform analysis that significantly contributes to budget and expenditures for assigned technology areas.
• Collaborates and participates in the development and execution enterprise strategy in the assigned technology area.
• Assists in the RFI/RFP process.

Level III (In addition to Level II responsibilities):

• Research and recommended solution designs. Establishes business justifications for purchases made within assigned technology areas.
• Significant contributor to automation workflows and focuses on automation for job-related tasks.
• Performs system analysis and capacity planning of security assets.
• Assists with mentoring of Level I and II Engineers.

Level IV (In addition to level III responsibilities):

• Acts as trusted advisor to the management team.
• Emphasizes technology cost optimization when designing new solutions.
• Leads business critical projects efforts for IT infrastructure.
• Leads internal strategic efforts collaborates and mentors peers.

Minimum Qualifications:

NOTE:

We include multiple levels of classification differentiated by demonstrated knowledge skills and the ability to manage increasingly independent and/or complex assignments broader responsibility additional decision making and in some cases becoming a resource to addition to using this differentiated approach to place new hires it also provides guideposts for employee development and promotional opportunities.

Level I:

• Four (4) years of related experience.
• Associates degree in Computer Science Information Technology or related field In lieu of degree three (3) years of related work experience required. Bachelors degree preferred.
• Intermediate knowledge of security compliance and audit policies/procedures.
• Basic experience with research design and implementation in assigned technologies.
• Basic infrastructure operations and infrastructure project delivery experience essential.
• Basic scripting and automation experience.
• Advanced communication skills.
• Intermediate understanding of cloud computing infrastructure and concepts.
• Intermediate knowledge of securing cloud and/or on-prem (i.e.: ability to secure disparate systems).
• Intermediate ability to engineer and integrate new security designs with an emphasis on solutions that align with overall security strategy.
• Demonstrates intermediate knowledge of a minimum of two (2) concepts and/or tools listed below: Encryption PKI Network and application security and related firewalls (Palo Alto Networks Imperva Azure AWS etc.) Identity management (AD Entra ID conditional access MFA SSO etc.) Virus detection and end point security (Defender preferred) Vulnerability scanner and pen testing tools (e.g. Rapid 7 Nessus Nexpose Metasploit Appscan Burp suite Ida Pro etc.) IDS/IPS and related tools Comprehensive Cloud security platform (Palo Alto Prisma) Security logging and monitoring (SIEM e.g. ArcSight Splunk SolarWinds LEM Azure Sentinel AWS Guard Duty etc.) Common web application security vulnerabilities (e.g. OWASP) Application security Security architecture principals/concepts (i.e. Zero Trust)

Level II (in addition to Level I qualifications):

• Intermediate knowledge of security compliance and audit policies/procedures.
• Intermediate knowledge of a minimum of three (3) concepts and/or tools listed above.
• Intermediate Security operations and infrastructure project delivery experience.
• Demonstrates intermediate technical documentation ability.
• Intermediate experience with IT computing resource management and optimization.
• Displays advanced business maturity and demonstrated confidentiality.
• Intermediate knowledge of Disaster Recovery.

Level III (in addition to Level II qualifications):

• Advanced knowledge of a minimum of four (4) concepts and/or tools listed above.
• Strategic vision in alignment with business objectives.
• Intermediate scripting and automation experience preferred.

Level IV (in addition to Level III qualifications):

• Advanced knowledge of a minimum of five (5) concepts and/or tools listed above.
• Demonstrated advanced competency in team leadership/technical leadership facilitation and project leadership.
• Advanced understanding of Disaster Recovery procedures related to IT infrastructure.
• Advanced knowledge of security compliance and audit policies/procedures.
• Advanced scripting and automation experience.

Physical Requirements:

• Ability to travel across the Health Plan service region for meetings and/or trainings as needed.
• Ability to work in a home office for continuous periods of time for business continuity.
• Ability to provide on-call rotation support.

************

In support of the Americans with Disabilities Act this job description lists only those responsibilities and qualifications deemed essential to the position.

Equal Opportunity Employer

Compensation Range(s):

Level I - Min 79068 Max 142322

Level II - Min 87766 Max 157978

Level III - Min 98297 Max 176935

Level IV - Min 110093 Max 198168

The salary range indicated in this posting represents the minimum and maximum of the salary range for this position. Actual salary will vary depending on factors including but not limited to budget available prior experience knowledge skill and education as they relate to the positions minimum qualifications in addition to internal equity. The posted salary range reflects just one component of our total rewards package. Other components of the total rewards package may include participation in group health and/or dental insurance retirement plan wellness program paid time away from work and paid holidays.

Please note: There may be opportunity for remote work within all jobs posted by the Excellus Talent Acquisition team. This decision is made on a case-by-case basis.

All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability or status as a protected veteran.