Security Engineer Senior

HealthEast

Security Engineer Senior

Job ID 2017-7038
Job Location US-MN-St. Paul
Category Is/Information Services
Contract Status ND
FTE 1.00
Authorized Hours ..
Shift Days
Department IS Security
Standard Work Schedule ..

More information about this job:

Overview:

The Sr Information Security Engineer is responsible to effectively plan, design and administer a comprehensive corporate-wide Information Services Security program to ensure the confidentiality, integrity and availability of information throughout HealthEast’s systems.  Provide technical expertise and direction in developing and supporting business and technology applications to ensure they are deployed and operate securely, ensuring the underlying policies and procedures are supported. Provide oversight of new and existing policies, standards and practices.

In this role you will be expected to have your CISSP.

**No agencies please**

Responsibilities:

  • Design, Lead and conduct Comprehensive Risk / Vulnerability systems assessments to identify vulnerabilities, Including providing reporting on assessment results as well as risk mitigation recommendations and plans. Communicates known security Risks and solutions to mitigate risks to business and technology partners as needed. Maintains knowledge of, and complies with, all relevant laws, regulations, policies, procedures and standards.
  • Actively participates in leading, creating and implementing improvements in security threat monitoring, attack methods, and incident response.
  • Serves as security expert for day-to-day inquiries related to security/confidentiality. Ensures optimum confidentiality of information through enforcement of, and educational opportunities for information security policies/procedures. (Operational Compliance Monitoring).
  • Ensures that proper action is taken in response to potential and verified unauthorized disclosure of information through the Incident Response Team (IRT).
  • Evaluates new and existing projects and technologies related to information security to ensure that risk is appropriately addressed. Ensures processes and products that are under consideration by HealthEast meet security HealthEast security standards. (Risk Assessment)
  • Host and Application Assessments and Penetration Testing – Periodic testing of systems to mitigate security concerns utilizing tools such as MBSA (Microsoft Baseline Security Analyzer), Nessus, CVSS scoring, Burp, application testing tools, etc.
  • Manages projects and project security reviews involving multiple levels of staff and management.
  • Monitors information and security systems to ensure appropriate audit trail and logging mechanisms for user access exist; reviews data with appropriate managers/staff and reports evidence of unauthorized access to the appropriate individuals for investigation and potential education/disciplinary action. (Periodic Review)
  • Participates in the interpretation, revision, distribution and enforcement of Information Security Policies, Standards and Procedures.
  • Partners with Human Resources, Legal, and other departments and utilizes forensic tools in response to events or investigations.

Qualifications:

  • Bachelor’s degree in Computer Science, Engineering or closely related field required or closely related field required or equivalent education and experience.
  • 10 years experience required in Information Technology.
  • 7 or more years experience in leading Information Security projects.
  • Experience working in a team-oriented, collaborative environment with cross functional teams.
  • Knowledge of Industry, best practices and standards such as ISO 17799, regulations such as HIPAA, and other laws relating to data privacy and protection.
  • Strong understanding of and extensive experience working with automated information security assessment and risk management/remediation tools.
  • Solid understanding of technology and networking including TCP/IP and related protocols.
  • Also strong knowledge of computer operating systems including Windows, Unix,  and Linux
  • Analytical Thinking: Ability to Identify issues, obtain relevant information, relate and compare data from different sources, and identify alternative solutions.
  • Attention to Detail: Achieves thoroughness and accuracy when accomplishing a task.
  • Coaching: Ability to provide guidance and feedback to help an employee or groups of employees strengthen their knowledge, skills and abilities to accomplish a task or solve a problem.
  • Computer Skills Advanced: Skilled in specialized computer software.
  • Ability to use more advanced functions, formulas and other special elements of the specific program or application.
  • Interpersonal Communication: Skilled in developing effective rapport with customers, co-workers, or families, actively listening to develop a positive connection.
  • Organization: Effective management of projects, deadlines, and work load prioritizing; putting things together in an orderly and functional whole.
  • Problem Solving: Identifies problems; determines accuracy and relevance of information; utilizes appropriate tools and staff resources along with sound judgment to generate and evaluate alternatives, and to make recommendations.
  • Quality Improvement: Systematic approach to reduction or elimination of errors, work back-flow.
  • Technical Writing: Ability to write technical information in a clear and concise manner and to be able to convey information appropriately for a variety of audiences.
  • Troubleshooting: Ability to identify, diagnose, and correct problems with workstation, server, and network hardware and software.

About HealthEast

At HealthEast, our patients are our neighbors and we are dedicated to their, and our, optimal health and well-being. We are guided by our faith-based heritage, a call to healing that respects the dignity and culture of every person. We empower our patients with user-friendly access to their health information, dependable service, and affordable, high-quality care.

We put new, more efficient models of care into practice, allowing our 7,500 employees and 850 physicians to focus on what’s important: providing compassionate health care that puts the patient and their needs first. With 14 clinics, home care, a medical transportation center, and four hospitals — Bethesda Hospital, St. John’s Hospital, St. Joseph’s Hospital, and Woodwinds Health Campus — we provide excellent family health and specialization, including primary, maternity, orthopaedics and post-acute care.