Cyber Security Engineer

About The Position

Requirements

• Bachelor’s degree in related field
• Must have a broad understanding of security technologies including but not limited to firewalls, vulnerability and compliance management solutions, logging and security incident and event management (SIEM) , secure access service edge (SASE) endpoint security, and cloud posture management, and cloud security
• think creatively and innovatively about the information risk and security solutions that can keep data safe while still allowing a business to successful
• have experience in working with regulations and compliance requirements including HIPAA, HITRUST, NIST CSF, ISO 2700x, SSAE-16 (SOC 1, SOC2, SOC3), EU Data Privacy and Security, Privacy Shield, and others
• have experience in developing, executing, and maintaining Security audit plans, audit standards, and vendor security reviews
• have experience in identifying cultural and educational requirements for a diverse population and effectively able communicate audit and technical concepts to them
• are an excellent written and verbal communicator
• proficient with Microsoft Office Suite (Word, Excel, Power Point)
• highly collaborative with the ability to properly handle confidential information
• work well independently and in a team environment, and work well in a matrix environment
• able to multi-task, prioritize and meet deadlines
• handle stress well and are comfortable in a high volume environment
• have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones

Nice To Haves

• Information Systems Auditor (CISA)
• Information Systems Security Professional (CISSP)
• in Risk and Information Systems Controls (CRISC)
• Information Security Manager (CISM)

Responsibilities

• Must be able to identify and spotlight vulnerabilities on on-premises and remote networks (including cloud operating environments), correct problems, and prevent security breaches
• Develop systems and processes for information risk and security leading practices throughout the company
• requirements and select security technology through RFP / RFI processes
• technical security standards aligned to Information Security policy and client requirements
• Key Risk Indicators and Key Performance Indicators for Security Operations services; monitors for effectiveness and develops performance improvements when necessary.
• and Maintain Security Incident Response capabilities and plans and Business Continuity plans
• systems for potential vulnerabilities
• of penetration testing, network security, and the techniques used to expose and correct security flaws
• for proper management of patches to defray business impact while keeping security protocols up-to-date
• computer networks and systems for threats and security breaches
• security incident response and prepare reports on security incidents
• maintains, and implements vendor security assessment plans and conducts vendor security reviews to ensure COMPANY security policies, standards, and external compliance requirements are being met
• draft and development of vendor security related policies, standards, guidelines, procedures, and requirements
• with other security organization members on cross-business / cross-functional opportunities