Information Systems Security - Experienced Engineer
Parkland Health · Dallas, TX · 3 mo ago
Information TechnologyFull-time
Primary Purpose
The primary responsibility of this position is to ensure the confidentiality, availability and integrity of Parkland's data, computer systems and network devices by recommending, implementing and utilizing security defense systems to reduce the opportunity of cyberattacks.Minimum Specifications
- Education: Must have a Bachelors degree in Management Information Systems.
- Experience: Must have two years of experience in an information systems security domain with a background in mobile device security, endpoint protection, wireless protection, vulnerability management, incident response and mitigation, threat research and cyber intelligence analysis or other cyber security domain.
- Certification/Registration/Licensure: Must have a current CompTIA Security+ Certification or equivalent in industry certification, background and knowledge within 6 months of placement into position.
Skills or Special Abilities
- Knowledge: Knowledge in NIST, HITRUST and associated common security frameworks.
- Professional Experience: Professional experience in a system administration role supporting multiple platforms and applications.
- Communication: Ability to communicate complex security issues to peers and management.
- Critical Thinking: Ability to comprehend results of mobile code, malicious code, and anti-virus software.
- Risk Assessment: Ability to perform research in order to determine industry standard products and solutions in response to security requirements.
- Technical Skills: Superior writing skills and the ability to communicate effectively. Working knowledge of design, implementation, and maintenance of: Local area networks, Microsoft Active Directory / GPO, Data Loss Prevention, Encryption Technologies, Vulnerability Management, Intrusion Detection Systems, Intrusion Prevention Systems, Linux Operating Systems, Windows Operating Systems, Communication Protocols, Multi-factor authentication, Cloud Access Security Broker, Endpoint Detection and Response Technologies, Security Information and Event Management Tools. Must have working knowledge of the HIPAA Security Rule and PCI.
Responsibilities
- Research and Investigation: Research and investigate the potential impact of new threats and exploits. Conducts log analysis and other network forensic investigations.
- Support Security Technologies: Supports security technologies and processes for scanning, testing, monitoring, and reporting.
- Project Execution: Supports the execution of security projects that improve detection and response capabilities.
- Alerting and Detection: Develop alerting and detection strategies to investigate any unusual behavior.
- New Defensive Techniques: Develop new defensive techniques to recognize any changes in adversary techniques and tactics.
- Network Scans and Penetration Tests: Conduct various network security scans and penetration tests to detect cybersecurity threats and identify weaknesses that may be exploited by malicious parties.
- Breach Response: Responsible for playing an active role in minimizing the negative impact if a security breach should occur. Conduct a cooperative in-depth technical investigation on how the breach occurred to gain an understanding of the extent of the damage.
- Implementation Analysis: Supports implementation analysis and technical risk assessments on systems to ensure conformity to current security standards and operational support requirements are being met.
- Risk Assessments: Supports technical risk assessments for Parkland technology and identifies items requiring remediation. Examples of targeted technologies include but are not limited to firewalls, routers, switches, servers, AIX systems, and applications.
- Tool Maintenance: Supports technical risk assessments for Parkland technology and identifies items requiring remediation. Examples of such tools are web filtering technology, IDS/IPS appliances, SIEM tools, antispam/antivirus systems, data leakage appliances, content screening servers, VPN systems and firewalls.
- Compliance: Maintains knowledge of applicable rules, regulations, policies, laws and guidelines that impact Parkland. Participates in the creation of effective security controls designed to promote adherence with applicable laws and accreditation agency requirements. Seeks advice and guidance as needed to ensure proper understanding.
- Continuous Learning: Stays abreast of new developments in the field of technology and security by attending seminars/workshops, reading professional journals, and actively participating in professional organizations. Integrates knowledge gained into current work practices.