Senior Security Engineer, Detection and Response

About The Position

Requirements

• A bachelor's degree or equivalent work experience.
• Minimum of 5 years of cybersecurity experience, with a preference for at least 4 years in detection and response.
• Strong knowledge of cybersecurity principles, technologies, and best practices. Proven experience in healthcare security and knowledge of industry regulations, such as HIPAA and HITECH.
• Excellent communication and collaboration skills to work with diverse teams and vendors.
• Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard (PCI).
• Proficiency in common information security management frameworks, such as ITIL, Center for Internet Security (CIS) Critical Security Controls (CSC), and NIST, including 800-53 and MITRE ATT&CK Framework.
• Strong problem-solving and analytical abilities.
• Candidates must be capable of effectively evaluating and implementing technical alternatives, staying up to date with emerging technologies, risk assessment methodologies, and incident response.
• Self-motivated with strong organizational skills and exceptional attention to detail.
• Ability to manage multiple tasks/projects simultaneously within strict time frames and adapt to frequent priority changes.
• Capability to work within established policies, procedures, and practices set by the organization.
• Proficient in English to provide and receive instructions and directions effectively.

Nice To Haves

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• CompTIA Security + or Network +
• GIAC Certified Incident Handler Certification (GCIH)
• GIAC Certified Intrusion Analyst Certification (GCIA)
• Certified Cloud Security Professional (CCSP)
• Certified Intrusion Analyst (GCIA)
• Certified Information Security Incident Handler (CIHI)
• Certified Incident Handler (EC-Council ECIH)
• Certified Ethical Hacker (CEH)
• or other similar credentials.

Responsibilities

• Implement and manage security tools.
• Continuously monitor for malicious activities and vulnerabilities.
• Develop comprehensive threat detection and alerting procedures.
• Lead and coordinate incident response, collaborating with IT and compliance teams.
• Tailor incident response plans for healthcare settings.
• Investigate and assess security incidents, with forensic analysis.
• Develop containment and remediation strategies for risk mitigation.
• Maintain and optimize security tools and systems.
• Ensure compliance with healthcare regulations and standards.
• Assist in external compliance audits.
• Collaborate with MSSP for security tools and configurations.
• Define SLAs and KPIs to align with security objectives.
• Share threat intelligence with MSSP for unified threat response.
• Coordinate incidents and create incident response playbooks with MSSP's expertise.
• Enhance security through scripting and automation.
• Develop custom security solutions.
• Automate incident response with scripting.
• Stay current with scripting languages and automation frameworks.
• Define operational metrics and KPIs.
• Establish quantifiable performance indicators.
• Regularly review and refine operational metrics.
• Develop and monitor service level objectives (SLOs) to ensure operational excellence.
• Performs other tasks as assigned.
• Complies with organizational policies, procedures, performance improvement initiatives and maintains organizational and industry policies regarding confidentiality.
• Communicate clearly and effectively to person(s) receiving services and their family members, guests and other members of the health care team.
• Develops constructive and cooperative working relationships with others and maintains them over time.
• Encourages and builds mutual trust, respect and cooperation among team members.