Information Security Engineer
Integrated Oncology Network, LLC, , , United States
Job Purpose: Check you match the skill requirements for this role, as well as associated experience, then apply with your CV below. Directly accountable for safeguarding the organization’s information assets. The role involves designing, implementing, and enforcing security protocols and procedures that mitigate risks and ensure compliance. With heavy focus in information security operations, including vulnerability management, incident/event management, compliance management, policy/procedure development and information security awareness. This responsibility will be carried out through the development of information security requirements, planning, design, implementation, and periodic audit/validation of effectiveness of all security controls. Essential Functions: * Determine information security requirements by evaluating and researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; and identifying integration issues. * Design, and implement security controls for our infrastructure and critical systems. * Verify information security systems effectiveness by developing and implementing testing and validation processes to periodically audit systems. * Collaborate with managed security service provider (MSSP) to ensure their services are effectively delivered to our organization and validate that alerts are properly acted upon to mitigate identified threats. * Support security incident response activities utilizing security tools (SIEM/SOAR) * Collaborate in the development of a Business Continuity and Disaster Recovery plan. * Prepare system security reports by collecting, analyzing, and summarizing data and trends. * Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active threats. * This role will be responsible for monitoring Healthcare industry and regulatory trends to ensure prompt and complete action plans are developed and implemented to address such requirements. * Serve as the liaison for audit activities related to the areas of information security. * This will also include maintaining ongoing cybersecurity risk profile using the recommended industry tools, and being certain that activities which keep us aligned with our target levels are implemented. * Demonstrable expertise in implementing, managing, and fine-tuning security controls using a variety of security tools and frameworks. Specific experience with Palo Alto firewalls and Palo Alto suite of security tools, Fortinet Fortigate Firewalls, Meraki, Active Directory and other infrastructure tools as identified. * In-depth experience with Identity and Access Management (IAM), specifically in designing and implementing IAM solutions for provisioning, de-provisioning, and role-based access controls within the organization. Familiarity with industry standard IAM solutions and best practices is a must. * Familiarity with monitoring and managing security incidents, including the use of Security Information and Event Management (SIEM) tools. * Proven track record in working with cross-functional teams to address security and compliance challenges, specifically in a Healthcare environment. * Experience in developing and implementing security policies and procedures that align with industry regulations such as PCI and HIPPA. * Previous involvement in handling external and internal audits related to information security, along with remediation of identified issues. * A high level of problem-solving skills and the ability to communicate in a clear, concise manner. * Must be able to communicate effectively in both oral and written form and explain technical concepts in non-technical terms to staff and prepare clear and concise written communications. * Must be able to manage multiple projects/tasks concurrently; and prioritize requests and complete assignments within an estimated timeframe; and organize, schedule, and coordinate a variety of activities and projects. * Must have the ability to learn new software and hardware packages and adapt to changes in technology. Qualifications and Education Requirements: * Bachelor’s Degree in computer science or Equivalent work experience * At least 5 years of experience in information security * Excellent written communication skills. * Strong organizational and planning skills. * Demonstrates a high degree of personal integrity and practices ethical standards. Must remain objective and independent when completing assignments, and consistently demonstrate the ability to hold information in confidence. * Demonstrated proactiveness and an ability to work independently and self-directed in managing multiple concurrent projects. * Excellent analytical and problem-solving skills. Required Competencies Strong Business and Organizational Competence. Exceptional Customer Service Skills. Strong functional Competence. Interpersonal Skill Competency. Stress Tolerance. Initiative. Adaptability. Accountability. Integrity. Self-Confidence. Time Management Skills with an emphasis on multi-tasking. Physical Demands and work environment The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Physical demands: Required job duties are essentially sedentary in nature, consisting of occasional walking, standing, lifting and/or carrying ten pounds maximum, seeing, speaking and hearing. Work environment: Required job duties are normally performed in a climate-controlled office environment. Job Type: Full-time Benefits: * 401(k) * Dental insurance * Health insurance Schedule: * Day shift * Monday to Friday Application Question(s): * Excellent analytical and problem-solving skills. Education: * Bachelor's (Required) Experience: * Information security: 5 years (Required) * Customer service: 5 years (Required) Work Location: Remote Remote working/work at home options are available for this role.