Sr Information Security Engineer

To be successful in this role, you: Possess a bachelor’s degree in computer science and or Information Security Technology or an equivalent combination of education and highly relevant experience required Have a minimum of seven (7) years previous experience in this or similar role required. Have a minimum of three (3) years previous experience in healthcare/Insurance industry and HIPAA compliance practices. Possess certification(s) in Information Security disciplines and technologies. Proficient in industry standard, best practice technology security software tools Essential functions and Roles and Responsibilities: Identifies cybersecurity risks, threats, gaps and recommends security improvements for Networks, Servers, Endpoints, Applications, Identity, Cloud and multiple vendor cyber security technologies. Participate in projects to apply information security controls and best practices. Implement and maintain security standards and regulations such as NIST CSF, CISA, and HIPAA. Configure, optimize, and operate security tools and technologies. Oversee the operation and management of assigned information security technologies, vendors, tools, and processes. Conduct risk and vulnerability management assessments for CHPW and third-party vendors to identify and address threats. Develop and maintain security policies, procedures, runbooks, training, reminders, metrics, and reports for enterprise-wide security. Other duties as assigned. Essential functions listed are not necessarily exhaustive and may be revised by the employer, at its sole discretion. Knowledge, Skills, and Abilities: Advanced knowledge of security for Microsoft operating systems, Servers and SQL database, Azure andAWS cloud, MS Purview security and compliance tools, NIST Cybersecurity Framework, CrowdStrike Falcon Complete, custom development and API security, and other security tools and technologies preferred (Illumio, , Rapid7 VM and AppSec, Proof Point. Ability to conduct thorough risk assessments and analyze security vulnerabilities and incidents. Verbal and written communication skills to effectively convey security concepts to both technical and non-technical audiences. Problem-solving skills Attention to detail, and organization skills, Ability to time manage multiple projects. Ability to work collaboratively with cross-functional teams. As part of our hiring process, the following criteria must be met: Complete and successfully pass a criminal background check. Criminal History: includes review of criminal convictions and probation. CHPW does not automatically or categorically exclude persons with a criminal background from employment. The applicant’s criminal history will be reviewed on a case-by-case basis considering the risk to the business, members, and/employees. Has not been sanctioned or excluded from participation in federal or state healthcare programs by a federal or state law enforcement, regulatory, or licensing agency. Vaccination requirement (CHPW offers a process for medical or religious exemptions) Candidates whose disabilities make them unable to meet these requirements are considered fully qualified if they can perform the essential functions of the job with reasonable accommodation.