Senior Infomation Security Engineer

We are more than a health system. We are a belief system. We believe wellness and sickness are both part of a lifelong partnership, and that everyone could use an expert guide. We work hard, care deeply and reach further to help people uncover their own power to be healthy. We inspire hope. We learn, grow, and achieve more – in our careers and in our communities.

Job Description Summary:

The Senior Information Security Engineer will be responsible for analysis, design and support for the Enterprise SIEM application and infrastructure. Perform enterprise network assessment to develop the enterprise logging methodology. Create and maintain customized dashboards for the Incident Response Team and Information Security Leadership.
ATTRIBUTES

• Track record for remaining unbiased toward any specific technology or vendor; (i. e. more interested in results than personal preferences)-
• Ability to quickly comprehend the functions and capabilities of new technologies-
• Excellent interpersonal skills in areas such as teamwork, facilitation, and negotiation-
• Ability to effectively communicate security issues to peers and direct management
• Certification: AWS Cloud Architect, CCSP
• Certifications: Security+, CCNP, PCCSA, PCCSE, PCNSA
• Certifications: CISSP, CRISC, CFCE, GCIH or equivalent security certification
• Advanced Degree in Computer Science, Information Security, or related technical major or significant related experience
• Proven ability to commuicate compliance, technical and nontechnical information to varied audiences, including executives, with impact.
• Proven ability to establish and maintain effective, respectful, and trusting relationships with individuals at all levels of the organization, external colleagues and vendors representing varying needs, personalities, and styles.
• Experience designing secure networks architectures
• Experience designing secure system architectures
• Experience designing secure cloud architectures
• Ability to troubleshoot cloud security issue.
• Ability to troubleshoot security issues associated with network controls such as firewalls, NAC, etc
• Ability to troubleshoot security issues associated with system and data controls such as anti-virus, EDR, DLP, etc.

DUTIES

• Secure cloud platforms hosted by Amazon, Azure, and Google
• Secure cloud workloads, services, and applications
• Review current network security measures, recommend and implement enhancements
• Review current system security measures, recommend and implement enhancements
• Ensure continuous monitoring of network security
• Develop project timelines and set expectations for security projects and remediations
• Ensure all personnel have access to the IT system limited by need and role
• Support Incident Reponse events and drills
• Secure the network perimeter and other network security zones using best practice, auditable methods
• Research new solutions and stay current on technology and associated controls
• Design and plan projects and process improvement to insure efficient execution
• Analyze organization's Enterprise Defense policies and configurations and evaluate compliance with regulations and organizational directives.
• Conduct and/or support authorized penetration testing on enterprise network assets
• Prepare audit reports that identify security, technical and procedural findings, and provide recommended remediation strategies/solutions and assessments of risk
• Analyze penetration test results and determine remediation steps
• Assess the security needs of the organization against industry information security standards, frameworks, and best practices
• Conducts threat and vulnerability assessments and determine deviations from acceptable configurations or policies.
• Ensure continuous monitoring of system and data security
• Respond to network security operational incidents and complete standard move, add, change tasks
• Respond to system and data security operational incidents and complete standard move, add, change tasks
• Provide security guidance to OhioHealth leaders and personnel to assist with technology decisions and use
• Assist with all security activities to insure PCI, GDPR, and HIPAA compliance
• Work collaboratively with other IT and Information Security teams to efficiently move projects forward and efficiently resolve support issues.
• Respond to, resolve, and analyze for root cause to continually to reduce the impact and ocurrences of security issues
• Administer and maintain firewalls, proxy servers, and other traffic flow security controls
• Monitor security audit and intrusion detection system logs for system and network anomalies.
• Develop security technology roadmaps and plans to insure long term objectives are achieved
• Create and track Key Performance Indicators and Key Risk Indicators
• Create and update security and engineering documentation
• Develop Standards and Best Practice for Information Security

KNOWLEDGE

• Working knowledge of layer 2 and 3 technologies
• Working knowledge of link state routing protocols, (OSPF, BGP, etc)
• Working knowledge of common security controls and associated industry standard controls and frameworks
• Working knowledge of system and application security threats and vulnerabilities (e. g. , buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
• Knowledge of network protocols (e. g. , Transmission Critical Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP], domain name Service (dNS))
• Working knowledge of Palo Alto, Checkpoint, Cisco Firewalls and networking devices
• Working knowledge of IaaS, SaaS, PaaS, and other cloud related cloud structures
• Working knowledge of Cloud Coding best practices
• Working knowledge of encryption methodologies.
• Working knowledge of Linux Operating System and Linux administration best practices
• Working knowledge of Windows Operating System and Windows administration best practices
• Working knowledge of Active Directory Operating System and Active Directory administration best practices
• Working knowledge of regulatory and contractual compliance, including PCI, and HIPAA requirements for information systems, security and privacy.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity. Knowledge of cybersecurity principles.
• Knowledge of information security principles and processes-
• Knowledge of routing, switching, and load balancing
• Working knowledge system hardening techniques
• Working knowledge of IT Risk Assessment techniques, tools, and methodologies
• Working knowledge of Identity Management (SSO, MFA)
• Knowledge of disaster recovery, computer forensic tools, technologies and methods

QUALTIFICATIONS

• Skill in assessing the robustness of security systems, data controls, and designs.
• Skill in assessing the robustness of security networks, network controls, and designs.
• Skill in detecting network based intrusions via intrusion detection technologies.
• Skill in detecting host intrusions via intrusion detection technologies.
• Skill in performing packet-level analysis using appropriate tools to identify network anomalies.
• Skill in conducting vulnerability scans and guiding remediation efforts to security systems and networks.
• Skill troubleshooting network security technology issues
• Skill troubleshooting system and data security technology issues
• Skill to create multiple technical solutions to business security problems
• Skill Scrypting using Python, Powershell
• Skillful at estimating the financial impact of security initiatives
• Skillful at prioriizing tasks to deliver highest priority efforts in timely manner.
• Excellent general analytical and technical skills
• Strong written and verbal communication skills
• Strong planning and organizational skills

Minimum Qualifications:

Bachelor's Degree (Required)

Knowledge of Splunk Processing Language and Splunk Search Language. Programming and development skills in at least some of following Python, Perl, PowerShell, shell scripting, regular expressions (REGEX required). Extensive knowledge of a tier SIEM installation; indexers, forwarders, search heads, clusters. Supports large-scale deployments across multiple Data Centers. Monitors and tracks SIEM performance problems and administration. Develops reliable, efficient queries that will feed custom Alerts, Dashboards, Reports and Data Models. Solid understanding of logging technologies (syslog, Windows and UNIX native logging). Support SIEM on Linux, Windows and virtualized platforms. Working knowledge of LAN/WAN equipment, network security applications, and related services A broad background in technical infrastructure, including servers, networking devices, and storage is very desirable.

Work Shift:

Day

Scheduled Weekly Hours :

40

Department

Information Security

Join us!
. if your passion is to work in a caring environment
. if you believe that learning is a life-long process
. if you strive for excellence and want to be among the best in the healthcare industry

Equal Employment Opportunity

OhioHealth is an equal opportunity employer and fully supports and maintains compliance with all state, federal, and local regulations. OhioHealth does not discriminate against associates or applicants because of race, color, genetic information, religion, sex, sexual orientation, gender identity or expression, age, ancestry, national origin, veteran status, military status, pregnancy, disability, marital status, familial status, or other characteristics protected by law. Equal employment is extended to all person in all aspects of the associate-employer relationship including recruitment, hiring, training, promotion, transfer, compensation, discipline, reduction in staff, termination, assignment of benefits, and any other term or condition of employment