Security Engineer Jobs in Rochester, NY (NOW HIRING)

Job Description:

Summary:

The IT Cloud Engineer - Security provides the vision, strategy, functionality, and technology solutions for creating and maintaining security system and solutions for both public and private cloud infrastructure-based solutions. This position collaborates with the Information Technology teams to lead the organization toward the deployment of technologies which focus on the trust, risk, and security management of the company environment. These may include PaaS, SaaS, hosted, and on-premises solutions - allowing for flexible, secure, on-demand cloud-like functionality and services while endeavoring to provide resiliency and achieve cost reduction, while maintaining a highly secure and flexible environment.

Essential Accountabilities:

Level I

• Enforces and integrates security solutions, tools, and appropriate controls to align to security policies, standards, and procedures.
• Stays current with leading security technologies, standards, and best practices as well as cyber threat landscape and evolving mitigation approaches and techniques.
• Acts as a high-level escalation tier for operational support in assigned technical areas.
• Conducts proof-of-concept testing in a lab environment.
• Creates, updates, and maintains supporting documentation for technology standards.
• Designs and deploys security solutions to support and ensure alignment with business requirements.
• Works with technology vendors and technical subject matter expert (SME) to produce corporate standards with regards to assigned technology areas.
• Collaborates and/or leads engineering solutions, integrating multiple systems and/or technologies.
• Consistently demonstrates high standards of integrity by supporting the Lifetime Healthcare Companies' mission and values, adhering to the Corporate Code of Conduct, and leading to the Lifetime Way values and beliefs.
• Maintains high regard for member privacy in accordance with the corporate privacy policies and procedures.
• Regular and reliable attendance is expected and required.
• Performs other functions as assigned by management.

Level II (In addition to Level I responsibilities):

• Acts as a primary engineer for assigned technology areas maintaining highly performant and optimized infrastructure environment.
• Researches technologies and perform analysis that significantly contributes to budget and expenditures for assigned technology areas.
• Collaborates and participates in the development and execution enterprise strategy in the assigned technology area.
• Assists in the RFI/RFP process.

Level III (In addition to Level II responsibilities):

• Research and recommended solution designs. Establishes business justifications for purchases made within assigned technology areas.
• Significant contributor to automation workflows and focuses on automation for job-related tasks.
• Performs system analysis and capacity planning of security assets.
• Assists with mentoring of Level I and II Engineers.

Level IV (In addition to level III responsibilities):

• Acts as trusted advisor to the management team.
• Emphasizes technology cost optimization when designing new solutions.
• Leads business critical projects efforts for IT infrastructure.
• Leads internal strategic efforts, collaborates, and mentors peers.

Minimum Qualifications:

NOTE:

We include multiple levels of classification differentiated by demonstrated knowledge, skills, and the ability to manage increasingly independent and/or complex assignments, broader responsibility, additional decision making, and in some cases, becoming a resource to others. In addition to using this differentiated approach to place new hires, it also provides guideposts for employee development and promotional opportunities.

Level I:

• Four (4) years of related experience.
• Associates degree in Computer Science, Information Technology, or related field In lieu of degree, three (3) years of related work experience required. Bachelor's degree preferred.
• Intermediate knowledge of security, compliance, and audit policies/procedures.
• Basic experience with research, design, and implementation in assigned technologies.
• Basic infrastructure operations and infrastructure project delivery experience essential.
• Basic scripting and automation experience.
• Advanced communication skills.
• Intermediate understanding of cloud computing infrastructure and concepts.
• Intermediate knowledge of securing cloud and/or on-prem (i.e.: ability to secure disparate systems).
• Intermediate ability to engineer and integrate new security designs with an emphasis on solutions that align with overall security strategy.
• Demonstrates intermediate knowledge of a minimum of two (2) concepts and/or tools listed below: Encryption, PKI, Network and application security, and related firewalls (Palo Alto Networks, Imperva, Azure, AWS, etc.), Identity management (AD, Entra ID, conditional access, MFA, SSO, etc.), Virus detection and end point security (Defender preferred), Vulnerability scanner and pen testing tools (e.g., Rapid 7, Nessus, Nexpose, Metasploit, Appscan, Burp suite, Ida Pro etc.), IDS/IPS and related tools, Comprehensive Cloud security platform (Palo Alto Prisma), Security logging and monitoring (SIEM e.g., ArcSight, Splunk, SolarWinds LEM, Azure Sentinel, AWS Guard Duty, etc.), Common web application security vulnerabilities (e.g., OWASP), Application security, Security architecture principals/concepts (i.e., Zero Trust)

Level II (in addition to Level I qualifications):

• Intermediate knowledge of security, compliance, and audit policies/procedures.
• Intermediate knowledge of a minimum of three (3) concepts and/or tools listed above.
• Intermediate Security operations and infrastructure project delivery experience.
• Demonstrates intermediate technical documentation ability.
• Intermediate experience with IT computing resource management and optimization.
• Displays advanced business maturity and demonstrated confidentiality.
• Intermediate knowledge of Disaster Recovery.

Level III (in addition to Level II qualifications):

• Advanced knowledge of a minimum of four (4) concepts and/or tools listed above.
• Strategic vision in alignment with business objectives.
• Intermediate scripting and automation experience preferred.

Level IV (in addition to Level III qualifications):

• Advanced knowledge of a minimum of five (5) concepts and/or tools listed above.
• Demonstrated advanced competency in team leadership/technical leadership, facilitation, and project leadership.
• Advanced understanding of Disaster Recovery procedures related to IT infrastructure.
• Advanced knowledge of security, compliance, and audit policies/procedures.
• Advanced scripting and automation experience.

Physical Requirements:

• Ability to travel across the Health Plan service region for meetings and/or trainings as needed.
• Ability to work in a home office for continuous periods of time for business continuity.
• Ability to provide on-call rotation support.

************

In support of the Americans with Disabilities Act, this job description lists only those responsibilities and qualifications deemed essential to the position.

Equal Opportunity Employer

Compensation Range(s):

Level I - Min 79,068 Max 142,322

Level II - Min 87,766 Max 157,978

Level III - Min 98,297 Max 176,935

Level IV - Min 110,093 Max 198,168

The salary range indicated in this posting represents the minimum and maximum of the salary range for this position. Actual salary will vary depending on factors including, but not limited to, budget available, prior experience, knowledge, skill and education as they relate to the position's minimum qualifications, in addition to internal equity. The posted salary range reflects just one component of our total rewards package. Other components of the total rewards package may include participation in group health and/or dental insurance, retirement plan, wellness program, paid time away from work, and paid holidays.

Please note: There may be opportunity for remote work within all jobs posted by the Excellus Talent Acquisition team. This decision is made on a case-by-case basis.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.