Cyber Security Engineer

Description

Position at Nuvance Health

Summary:

The Cyber Security Engineer will have responsibility for incident response along with a desire to relentlessly champion best practices. This role will perform all functions required to support day-to-day data security operations, supporting and maintaining a broad suite of cyber security operations infrastructure, serving as a tier 2 escalation point during incident response and investigations and monitoring compliance with IT security policy. Participate in the planning, design, installation, maintenance and tuning of security operations systems in support of security policies and best practice. Work with Information Technology staff and business units to assess risk and address security issues.

Responsibilities:

• Manage security responsibilities, including firewalls, proxy systems, SIEM, EDR and other security devices. 15%
  
• Strong skills implementing and tuning security components. 15%
  
• Server as an escalation point during incident response and investigations. 15%
  
• Maintain cyber security operations tool to insure detection, response and remediation of latest security threats 15%
  
• Create and review reports on event and incidents. 10%
  
• Stay up to date with latest security threats and assist with developing defense strategy’s to combat them. 10 %
  
• Investigate and respond to security violations  10%
  
• Ability to maintain in depth knowledge of security and networking infrastructure utilized by the company including the management and reporting of each. 10%

Education Skills Experience
• Bachelor’s degree in computer science field
• 2 or more years Security Operations with a minimum of 4 years IT experience.
• Demonstrated experience in Incident response investigations.
• Working knowledge of EDR technologies.
• Working knowledge of SIEM technologies.
• Working knowledge of common vulnerability management tools.
• Working knowledge of enterprise firewall technologies preferred.
• Working knowledge of web filtering and proxies preferred. • Working knowledge of MDM solution preferred. • Experience with DLP and IPS/IDS systems preferred. • Working knowledge of email filtering product preferred. • Working knowledge of litigation hold processing and forensic investigations preferred. • Experience participating in Red/Blue/Purple team exercises. • Experience working with information security practices, networks, software, and hardware. 

Other Information:

• CISSP, CEH, or other equivalent certification is a plus.
  
• Disaster recovery and business continuity experience is a plus.
  
• Working knowledge with HIPAA regulations as they pertain to the healthcare industry. 

Working Conditions:

Manual: Some manual skills/motor coord & finger dexterity

Occupational: Little or no potential for occupational risk

Physical Effort: Sedentary/light effort. May exert up to 10 lbs. force

Physical Environment: Generally pleasant working conditions