Reports to the Chief Information Security Officer. Responsible for security engineering, implementation, and review of information security controls across the hospital system. This role will focus on our cyber defense operations, operating security technology, and collaborating with IT stakeholders to implement security practices and standards that comply with IT security policies that best protect Midland Health’s information and technology assets. This position interfaces with IT technical teams to develop and implement security solutions for their areas of responsibility and advise and educate on security solution design and emerging threats. This role will provide consultative services supporting IT, Legal and Compliance as needed. Additionally, the role will support all areas of Cyber Security including Identity and Access Management (IAM), Cyber Risk, Governance and Architecture.
SHIFT AND SCHEDULE
Full Time: 8:00 AM – 5:00 PM
ESSENTIAL FUNCTIONS/PERFORMANCE EXPECTATIONS
- Provide security engineering guidance and architecture oversight, design reviews and security roadmap collaboration for future security strategies around Endpoint Protection and Management, Cyber Incident Response and Threat Intelligence, Identity and Access Management, Disaster Recovery and Planning, Vendor Security Assessments, Cyber Security Architecture, Cyber Security Training, and Email Security
- Provides support to legal and business stakeholders for FOIA and security compliance programs and policy-related requests
- Technical lead for security solution technology stack; working with vendors to configure and implement new security solutions
- Collaborates on and guides security operations, including email, endpoint, network, and system hardening efforts, with IT Operations
- Lead incident investigation, root cause analysis, and resolution; document risks (cyber risk registry); and develop mitigating controls
- Provide guidance and mentorship for Cyber Security team members
- Experience configuring vulnerability management platforms such as CrowdStrike, Rapid7 InsightVM, Tenable.io, Varonis etc.
- Knowledgeable using cloud security tools such as Rapid7 Insight CloudSec, MS Defender for Cloud
- Leads security capability, vulnerability, and risk assessments of information systems
- Researches, recommends, proposes, and implements new security technologies, tools, initiatives, etc.
- Must have a high degree of initiative and dependability and be able to work with little supervision.
- Advanced knowledge of system and application security threats and vulnerabilities e.g., buffer overflow, cross-site scripting, SQL injection, MITM replay attacks.
- Develop new automation and tooling to improve our detection of and assist in the remediation of findings.
EDUCATION AND EXPERIENCE
- Bachelor’s degree required in computer science, information systems, information science, business administration or Engineering with 2+ years in a cybersecurity position. Advanced degree in related field desirable.
- 4+ years of work experience as a cybersecurity practitioner.
- Solid understanding of network protocols, application technology, security monitoring tools.
- Experience maturing vulnerability management programs and processes
- DLP solutions such as MS Purview, Symantec
- Identity and Access Management solutions (MFA, SSO, password vaulting)
- NAC and remote access solutions such as Global Protect, AnyConnect, etc.
- Proxy solutions such as Prisma Access, NetScaler, etc.
- Rules and threat protections on firewalls such as Fortinet, Palo Alto or Cisco
- Programming skills from prior work experience in at least one of the following languages: C#, C/C++, PowerShell or Linux shell programming, JavaScript, Python, SQL or DB Query
- Knowledgeable in regulatory compliance requirements pertinent to healthcare, with experience in any of the following areas of compliance: HIPAA, SOC2, HITRUST, NIST 800-53, NIST CSF, NIST 800-171
- Experience in securing infrastructure and applications in Azure, AWS or GCP
- Strong IT Infrastructure knowledge of server compute, networking (LAN, WAN, WLAN), and telephony (VoIP, SIP, IVR, ACD)
- Strong knowledge of information technologies and integrations used in a hospital setting required.
Additional Knowledge and Skills required:
- Excellent analytical and problem-solving skills.
- Excellent communication, written and verbal
PHYSICAL REQUIREMENTS
To perform this job successfully, an individual must be able to perform each essential responsibility satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The individual must be able to:
- Stand, walk, sit, stoop, reach, lift, see, speak and hear. Lifting is limited to 35 lbs. for clinical staff and to 50 lbs. for non-clinical staff. The individual must use an assisted-lift device or get another individual(s) to assist with the lift that is over these maximum limits.