Security Engineer

The Security Engineer is responsible for securing - maintaining and monitoring the infrastructure and networking security. The role is tasked with detecting vulnerabilities, planning with departments for deployment, and remediating vulnerabilities within the infrastructure. The Security Information Engineer is also tasked with deploying best practices for securing information as well as platforms in the infrastructure.Responsibilities:Manage IT Security operationsVulnerability detection through scanning platforms (Rapid7)Implementation and planning with business and engineering team of found vulnerabilitiesRemediation of vulnerabilities through multiple vectors (WSUS, GPO)Antivirus policy creation, reporting, and remediation on malicious files (SentinelOne)Plan for GPO policy upgrades to secure business operations (Active Directory)Audit and remediation of access permissions for NFS/NTFS systems (Shared folders)Adhere to best practices of securing currently used applications and platforms (MFA, Certificate)Required Experience:Four-year degree or higher in Information Systems or Security, or related field or equivalent combination of workVery strong Hands-on experience (Required 5+ years) of computer related security experience in a technical role within Information TechnologyPrevious engineering experience preferredWorking knowledge of various Identity and Access management systems a plusCISSP, CISM, CISA, CCSP, ITIL, Security + or other related certification preferredAdvanced understanding of infrastructure. Active Directory, Exchange, Windows desktop/server OS, VMware, storage systems, DNS, firewallsAdvanced understanding of protocols. WMI, SNMP, TLS, SSL, SMB, Cypher SuitesAdvanced understanding of securing systems and platforms through device/policy hardeningUnderstanding of SSL CertificatesAbility to communicate technical information in a clear manner, both written and verbally, to end usersProficient knowledge of MS Outlook, Word, Excel, Visio and PowerPointExperience with HIPAA, HITRUST, HITECH, PCI, ISO 27001, ISO 27002, URAC regulations and awareness and/or experience with CMS, NIST and other healthcare industry related regulationsAvailability to work nights and weekends during (un)planned outages and other special circumstances, with 24/7 accountability.Availability to enter on call rotation