Logo
University Hospitals

Senior Cyber Security Specialist ($6,000 Sign On Bonus)

University Hospitals, Beachwood, Ohio, United States, 44122


$6,000 Sign On Bonus

Performs all necessary duties to ensure the safety of information technology assets and to protect systems from intentional or inadvertent access. This position will frequently collaborate with Cybersecurity Management and provide guidance and direction for the Cybersecurity program. Provides best solutions to identified needs, meeting specific operational and business objectives, technology capabilities, and human resource requirements. Additionally, provides specialized technical expertise and support to clients, IT management, and staff in risk assessments, implementation and operational aspects of Cybersecurity procedures and products. Maintains and fosters the ongoing service relationships throughout the organization

•Lead the analysis and investigation of information security events (IPS/NGAV/DLP/NAC/SIEM/etc.), run to ground detected events and eliminate false positives.

•Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns

•Analyze system logs and other event logs to detect nefarious activity

•Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security.

•Respond to alerts from information security tools. Report, investigate and resolve security incidents.

•Perform penetration testing and source code review.

•Document and report system vulnerabilities to internal information security department in order to resolve or patch the weakness.

•Test strength of information security processes, firewalls, and encryption of data. Conduct vulnerability assessments and monitor systems, network, databases, and Web for potential system breaches.

•Educate and communicate security requirements and procedures to all users and new employees.

•Recommend and implement changes to enhance systems security and prevent unauthorized access.

•Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach.

•Provide guidance and direction on best practices for the protection of information.

•Ensure compliance with regulations and privacy laws. May oversee internal or external systems security (i.e. cloud services).

•Work directly with our internal as well as external customers to understand and resolve their security questions, concerns, and requests.

•Coordinate the development and delivery of security mentorship and training to business partners by performing security program presentations, both internally and externally.

•Actively identify and consult with management and business areas regarding unresolved security exposures as well as misuse or noncompliance situations.

•Increases security awareness and fosters an information security culture through training, education, and communication.

Qualifications:Education

•High School Diploma or equivalent required. Bachelor's Degree Preferred.

Required Credentials, License, and / or Certifications

•CISSP (Certified Information Systems Security Professional), CCSP (Cisco Certified Security Professional, MCSA: Security / MCSE: Security (Microsoft Certified Systems Administrator / Engineer), CISA (Certified Information Systems Auditor), CISM (Certified Information Systems Manager), or similar information security certification preferred.

Experience & Knowledge

•Minimum 5 years IT experience required.

•Minimum 3 years of IT security experience required.

•Must have background in administering information security programs including risk assessments, forensic research, designing security architectures, developing policies, gathering metrics, and reporting status.

•Prior experiencing working in a security operations center environment.

•Prior experience analyzing security events (IPS email security,NGAV, Vulnerability Management DLP, SIEM,)

•Demonstrated initiative to learn new technologies.

•Excellent written and verbal interpersonal skills, including strong presentation skills.

•Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.

•Demonstrated dedication to and leadership of continuous process improvement.

•Ability to maintain strict confidentiality and look at all situations objectively

•Informal leadership, coaching and mentoring skills. Strong consultative skillset with ability to provide appropriate direction to other IT groups on security matters

•Ability to function independently and as a team player in a fast-paced environment required.

•Must have strong written and verbal communication skills.

•Knowledge of applicable security laws desired.

•Healthcare experience preferred, especially in a large hospital setting.

•Passion for information security and information assurance

Special Skills & Equipment Knowledge:

•Proficiency in operating systems (Windows, Mac, Linux/Unix, mobile), network theory/design, penetration testing, endpoint security monitoring, coding and scripting, reverse engineering of malware, enterprise risk methodologies

•Experience with Windows Server and Unix preferred.

•Experience with scripting languages (e.g. Powershell, VB, C#) preferred.

•Previous experience with end point protection tools (e.g. Antivirus, Antispam) preferred.

•Previous experience with IPS, network monitoring tools, and FW rule sets preferred

•Previous experience with Web Filtering products preferred.