IT Security Engineer

Under the direction of the CISO, this role is responsible for building and operating security measures across both on-premise and cloud resources at Pediatric Associates Family of Companies (PAFC). The role is an individual contributor but must have the power to lead, influence and execute leveraging vendor partners, collaborating with stakeholders, and performing work themselves.

ESSENTIAL DUTIES AND RESPONSIBILITIES

This list may not include all of the duties that may be assigned.

• Develop and lead implementation of security standards and practices that effectively and efficiently reduce risk for the organization's digital resources, and partner with the IT infrastructure and engineering teams to implement, operate and monitor those standards and practices.
• Develop and lead implementation of standards and practices that embed security ("DevSecOps") into the workflow and operation of the organization's custom-developed applications, and partner with the software development and DevOps resources to implement, operate and monitor those standards and practices.
• Assess and leverage third-party resources and solutions to maximize and streamline the implementation and operation of security processes and procedures.
• Act as a subject matter expert (SME) for security tools, applications and processes, including how they're integrated into the Software Development Lifecycle (SDLC) and IT change management.
• Develop and maintain documentation and diagrams for security tools, system environments, and IT security operations.
• Contribute to the development, testing and maintenance of the organization's incident response plan and procedures.
• Investigate potential threats across the organization and respond to incidents per the prescribed procedures.

QUALIFICATIONS

EDUCATION : Minimum two-year post-secondary degree (e.g., Associates) required. Four-year Bachelor's degree in information security, information systems or similar field preferred.

EXPERIENCE : 5 or more years working in information security engineering and architecture required. 2 or more years securing Microsoft365 and / or Microsoft Azure platform required. 2 or more years working in the healthcare industry in an information security capacity preferred.

LICENSURE / CERTIFICATION

• CISSP or similar preferred.
• Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

KNOWLEDGE, SKILLS AND ABILITIES

• Be a technical leader who can think strategically, has extensive technical knowledge, and can leverage technology, automation and managed services to scale delivery of capabilities.
• Understands and continuously learns modern security architecture and solution strategies across people, process and technology.
• Technical understanding of and experience with Microsoft365 and Microsoft Azure and their respective security and compliance features.
• Technical understanding of and experience with modern security technologies such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), firewalls, Data Loss Prevention (DLP), vulnerability assessment tools, Cloud Security and Posture Management (CSPM) platforms, etc.
• Experience with scripting and network engineering a plus.
• Incident response plan development, implementation and operation.
• Stay current with the latest security trends, threats, and regulatory changes to ensure we stay ahead of the curve.
• Assessing and developing information security policies, procedures, standards and guidelines.
• Ability to effectively leverage vendor resources and professional services to deliver results.
• Excellent verbal and written communication skills; collaboration and interpersonal skills.
• Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment.
• Independent judgement and decision-making abilities.

TYPICAL WORKING CONDITIONS

• Full time remote.
• Must be U.S. based.
• Operating computer.
• May require sitting while operating computers.

OTHER PHYSICAL REQUIREMENTS

• Vision
• Sense of sound
• Sense of touch

PERFORMANCE REQUIREMENTS

Adhere to all organizational information security policies and protect all sensitive information including but not limited to ePHI and PHI (Protected Health Information) in accordance with organizational policy, Federal, State, and local regulations.

It Security Engineer • Plantation, FL, United States