Overview:
At Atlantic Health System we believe Talent Acquisition plays a direct role in building healthier communities through the talent we acquire. We partner with clinical leaders to identify and hire the most intelligent, innovative, and creative minds to build and expand teams for the advancement of our community's needs.
The cybersecurity Engineer 2 position requires a cybersecurity professional who is results oriented, multi-disciplined, and comfortable in implementing system security solutions in multi-vendor complex healthcare environment. This position is responsible for the research, technical analysis, recommendation, configuration, and administration of systems and procedures to ensure the protection of information processed, stored, or transmitted in Atlantic Health Systems computing environments. This position provides security design, consultation, and technology governance oversight for various projects and initiatives. The incumbent also assists system users relative to cybersecurity matters and undertakes complex projects requiring additional specialized technical knowledge. This position acts as a cybersecurity liaison to various business units and other corporate entities as well as the Information Services & Support department.
Working knowledge of industry standard security technologies and encryption/cryptography protocols and best practices, routing protocols and routing table configuration assignment, authentication, authorization and directory services. Ability to develop specific proactive procedures for detection of security breaches and identifying security risks via architecture and design review as well as baseline accepted security standards. Demonstrated experience in operating system, application, and network penetration testing and vulnerability assessment. Should have experience in liaising with system and network administrators to help remediate the impact of the identified risks and vulnerabilities at the platform level. Demonstrated conceptual, analytical and innovative problem-solving and evaluative skills, an ability to conduct independent research and analysis in the event of a security breach, identifying issues, formulating options, proactively closing the security loop-holes, and making conclusions and recommendations. Demonstrated knowledge of security controls for network, application and operating systems. Strong knowledge and work experience with logical access controls to ensure confidentiality, integrity and assurance of proprietary information. Knowledge and understanding of business processes and information systems of a healthcare institution. Demonstrated interpersonal skills; including the ability to work effectively in a team environment. Proven ability to work with staff and management in the Information Security and Information Services & Support divisions. Capacity to work independently and willingness to seek advice/assistance. Excellent time management and organizational skills. Willingness to work outside of regular business hours as required which may include evenings, nights, weekends, holidays.
Competencies/Security Technologies
- Computer, Network, and Policy Auditing
- Security Information and Event Management (SIEM)
- Risk Assessment/Risk Mitigation
- HIDS, NIDS, Firewalls, Networking, and Perimeter Security Fundamentals and Best Practices
- Security Incident Handling/Response and Risk Management
- Proper Evidence Handling and Integrity Best Practices
- Cryptography, PKI, and Steganography
- Information Warfare and Data Assurance Principles
- Knowledge of Viruses, Malware, Spyware, Trojans, etc
- Log File Analysis and Alerting
- Designing, Engineering and Review of Secure Architectures
- IDS/IPS, SIEM, Web Content Filtering/web proxies, AV/FDE/RME, IAM, MDM, Firewalls, DLP, Application Auditing, Electronic Discovery, Vulnerability Scanning
- Workforce Information Security Awareness Education Training (Creation of Content/Presentations – Delivery of same)
- Reviews/updates cybersecurity and Information Services & Support policies
- Bachelor’s Degree in Computer Information Systems, Computer Science, MIS, Engineering or related technical discipline. Equivalent work experience in the Information Technology field will be considered coupled with relevant Cyber Security certifications.
- Minimum 2 years of direct information security experience within an Information Technology organization (preferably in a Healthcare environment)
- Will be able to illustrate a consistent and logical pattern of strategic career investments and professional development that have helped them develop the skills and experience required to be an effective Information Security Engineer. This can include advanced education, industry certifications, professional development, industry thought leadership, and other external interests and pursuits. (I.e. community involvement, philanthropy, etc.)
- Experience with Zscaler
- Active certifications from SANS, ISACA and ISC2 extremely desirable.
Atlantic Health System, Inc. is an equal employment opportunity employer and federal contractor or subcontractor and, therefore, abides by applicable laws to protect applicants and employees from discrimination in hiring, promotion, discharge, pay, fringe benefits, job training, classification, referral, and other aspects of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, gender identity or expression, sexual or affectional orientation, national origin or nationality, citizenship status, disability, age, genetics, protected veteran status, ancestry, marital status.
