|Company||Atlantic Health System|
|Preferred GIAC Certifications||GSEC, GDSA, GCDA, GCED, GCIH|
|Contact Name||Larry Pierce|
The Information Security Engineer 2 position requires an information security professional who is results-oriented, multi-disciplined, and comfortable in implementing system security solutions in multi-vendor complex healthcare environment. This position is responsible for the research, technical analysis, recommendation, configuration, and administration of systems and procedures to ensure the protection of information processed, stored, or transmitted in Atlantic Health System computing environments. This position provides security design, consultation, and technology governance oversight for various projects and initiatives. The incumbent also assists system users relative to information security matters and undertakes complex projects requiring additional specialized technical knowledge. This position acts as an information security liaison to various business units and other corporate entities as well as the Information Services & Support department. Primary responsibility will include daily management of Data Loss Prevention (DLP) technologies.
Working knowledge of industry standard security technologies including but not limited to:
Encryption/cryptography standards, protocols and best practices
Network security configuration and design
Cloud security configuration and design
Identity and access management (IDPs, authentication, authorization and active directory services)
Ability to develop specific proactive procedures for detection of security breaches
Ability to develop technical playbooks around security events and incidents and to automate response capabilities for those playbooks
Identifying security risks via architecture and design reviews as well as baseline accepted security standards.
Demonstrate experience in operating systems, applications, network penetration testing, and vulnerability assessment.
Experience in collaborating with system and network administrators to help remediate the impact of identified risks and vulnerabilities at the platform level.
Demonstrate conceptual, analytical and innovative problem-solving skills
Ability to conduct independent research and analysis in the event of a security breach
Identify issues, formulate strategy, and proactively remediate security risks
Ability to draw conclusions and make recommendations based on analysis and findings
Demonstrate knowledge of security controls for network, application and operating systems.
Strong knowledge and work experience with logical access controls to ensure confidentiality, integrity and availability of proprietary information.
Knowledge and understanding of business processes and information systems of a healthcare institution.
Demonstrate interpersonal skills; including the ability to work effectively in a team environment.
Prove ability to work with staff and management in the Information Security and Information Services & Support divisions.
Capacity to work independently and willingness to seek advice/assistance from others.
Excellent time management and organizational skills.
Willingness to work outside of regular business hours as required which may include evenings, nights, weekends, holidays.
Data Loss Prevention (DLP) on the network and endpoint as well as in the cloud
Strong knowledge of Microsoft 365 DLP capabilities
Working knowledge of Saas-based cloud application security and cloud platforms such as AWS/Azure, etc.
Risk Assessment/Risk Mitigation/Risk Management
Security Incident Handling and Response and Threat Management
Digital Forensics Best Practices
Cryptography and Encryption
Cyber Threat Intelligence, Information Warfare, and Data Assurance Principles
Knowledge of Malware/Spyware and other malicious payloads
Log management, analysis and alerting
Designing, Engineering and Reviewing of Secure Architectures
Knowledge of various security technologies including:
Security Information and Event Management (SIEM) platforms
Web Content Filtering/Web Proxies
endpoint security (EDR/NDR/XDR)
Network and host-based firewalls
Web application firewalls
network security best practices
Development and presentation of Workforce Cybersecurity Awareness Education and Training
Review and update Information Services & Support policies and procedures
Bachelors Degree in Computer Information Systems, Computer Science, MIS, Engineering or related technical discipline. Equivalent work experience in the Information Technology field will be considered coupled with relevant Cyber Security certifications (SANS certifications are the most desirable).
Minimum 2 years of direct information security experience within an Information Technology organization (preferably in a Healthcare environment)
Will be able to illustrate a consistent and logical pattern of strategic career investments and professional development that have helped develop the skills and experience required to be an effective Information Security Engineer which can include advanced education, industry certifications, professional development, industry thought leadership, and other external interests and pursuits. (i.e. community involvement, philanthropy, etc.)
Active certifications from GIAC/SANS, ISACA and ISC2 extremely desirable.
Advanced experience with DLP technologies is required.
Atlantic Health System aims to deliver the highest quality, safety and care combined the best experience for our patients and their families. We are confident that you will find success within Atlantic Health System, which has been named for the 12th year in a row to Fortunes Top 100 Best U.S. Companies to Work For list. We believe you will find that our culture of collaboration and care exemplifies the value we place on our patients, their families and our employees.
Atlantic Health System, Inc. is an equal employment opportunity employer and federal contractor or subcontractor and therefore abides by applicable laws to protect applicants and employees from discrimination in hiring, promotion, discharge, pay, fringe benefits, job training, classification, referral, and other aspects of employment, on the basis of race, color, religion, sex (including pregnancy, gender identity and sexual orientation), national origin, citizenship status, disability, age, genetics, or veteran status.