Information Security Engineer III

About The Position

Requirements

• Bachelor of Science/Arts Degree in Information Technology (IT), Management Information Systems (MIS), or related computer science field or equivalent technical work experience is required
• At least eight (8) years of hands-on, Information Technology experience is required
• At least five (5) years of Information Security or IT audit experience is required
• Solid familiarity with application, server, and network security is required
• Proficient working knowledge of security technologies such as access management (authentication and authorization), security monitoring, and data encryption
• Working knowledge of computer networking and secure Internet protocols (e.g. SSL, IPSEC, and TCP/IP protocols)
• Working knowledge of Microsoft Windows operating systems, Microsoft Active Directory, and computer networking
• Intermediate to advanced proficiency level with Microsoft Word and Excel
• Excellent written and oral communication skills
• Customer service orientation
• Effective oral and written communication skills
• Ability to work independently and within a team environment
• Strong analytical, evaluative, and problem-solving abilities
• Critical listening and thinking skills

Nice To Haves

• Significant experience in server/network administration, network engineering, and/or application development is preferred
• Experience demonstrating HIPAA, Sarbanes-Oxley (SOX), and/or Payment Card Industry Data Security Standard (PCI-DSS) compliance desired
• Implementing and maintaining Azure/Office365 security controls required
• Experience Implementing and maintaining a CASB (Cloud Access Security Broker) required
• Implementing and maintaining Cloud DLP (Data Loss Prevention) controls preferred
• Implementing and maintaining security controls for Amazon Web Services preferred
• Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), System Security Certified Practitioner (SSCP), and/or Certified Information Systems Security Professional (CISSP) is preferred

Responsibilities

• Apply creative thinking in problem solving and identifying opportunities for improvements in security
• Administer and configure network and computing devices/systems that enforce security policies and IT internal controls
• Share ideas, discuss alternatives, and recommend means to decrease vulnerability of systems, applications and processes
• Monitor vendor and other advisory systems for patches and other security alerts, actively driving ongoing vulnerability remediation efforts in cooperation with IT teams
• Design and implement technical solutions to contractual and regulatory requirements with a particular focus on HIPAA compliance needs
• Assist in completion of and responses to internal and external security assessments and audits
• Recommend, complete, and/or coordinate the application of fixes, patches, and updates assessed to be important to the security of the enterprise
• Research emerging technologies in support of security enhancement and development efforts
• Provide subject matter expertise and assistance with risk assessments, penetration tests, internet/extranet security assessments, intrusion attempts, and cyber-crime response efforts
• Perform project leadership tasks on select security projects and other IT projects requiring security integration and coordination
• Perform any other job duties as requested

Benefits

• In addition to base compensation, you may qualify for a bonus tied to company and individual performance.
• We are highly invested in every employee’s total well-being and offer a substantial and comprehensive total rewards package.