Skip to Main Content
← Back to Jobs

Information Security Engineer 14715

Northern Arizona Healthcare Flagstaff, AZ
  • Posted: over a month ago
  • Other
The Information Security Engineer is responsible for the operations and maintenance of enterprise information security controls and for ensuring the appropriate operational security procedure is maintained for information systems, programs, and data. The Engineer will also maintain and assist in developing the processes and systems to effectively manage the operations of security systems throughout the enterprise. The Engineer will advise on security best practices, security strategy, security architecture, and security design work. The Engineer will work within the Operations and Engineering team that monitors and protects NAH systems from ongoing threats and will be responsible for enforcement of policies, standards and procedures. The Engineer ensures the organization is prepared to take a proactive stance to defend against emerging security threats and respond to active threats without delay





Security Controls performance/management

* Assists in the development, implementation, and day to day maintenance of IT security & control infrastructures. Provides on staff consulting for security requirements in system development activities, policies, standards and procedures.



* Conducts routine information security procedures including, documentation, metrics reporting, change control, maintaining ticketing queues, vulnerability scanning, assessment, vulnerability management, etc.



* Supports the implementation and ongoing operations of access controls and user access rights as required.



* Conducts AV and intrusion tests to assess the probability of risks occurring and the impact on the organization.



* Works collaboratively with multidisciplinary teams to implement new technology, support existing, and at times does so after normal business hours.



* Monitors centrally critical systems and responds to security events according to procedure and experience.



* Installs, configures, manages, and maintains mission-critical enterprise applications such as AV, software delivery, patching, log management and other technical controls.



* Supports the Incident Response Team during a cyber-incident.



* Provides technical support for day-to-day security operations, change management and business continuity programs.



* Troubleshoots security systems and related issues.





Leadership/Decision Making

* Provides mentoring to staff as a means to develop job satisfaction and coordinates cross-training opportunities with other technical support groups.



* Researches and recommends security solutions and products and implements new security controls. Maintains knowledge of applicable IT security practices.





Financial Management

* Identifies cost savings opportunities through the expanded or enhanced use of technology.



* Assists in establishing overall IT Security budget.





Compliance/Safety

* Responsible for reporting any safety-related incident in a timely fashion through the Midas/RDE tool; attends all safety-related training programs; performs work in a safe manner; monitors work environment for possible safety issues and ensures others are also performing work in a safe manner.



* Stays current and complies with state and federal regulations/statutes and company policies that impact the employee's area of responsibility.



* If required for the position, ensures all certifications and/or licenses are up-to-date and valid prior to expiration dates.



* Completes all company mandatory modules and required job-specific training in the specified time frame.



* Maintains up to date knowledge regarding emerging security threats and corrective action. Applies strategy and tactical responses in real-time in a high stress and changing environment.



* Performs mock intrusion and penetration testing to identify security gaps and creates and implements corrective action





Bachelor's of Science Degree in Information Systems, Computer science or related field- Required







Certification & Licensures

One or more senior information security certifications (CISSP, CISA, CEH, CISM, GIAC)- Required







Experience

Minimum of four (4) years of relevant security and network experience- Required



Minimum of two (2) years experience with End User Workstation security and configuration- Required







Experience in at least one of the following disciplines: Endpoint Security (AntiVirus/AntiSpyware/IPS), Web Content Filtering, Application Aware firewalls, and/or Encryption, Security Event/Incident Monitoring- Required



Technical knowledge and extensive hands on experience with security and networking architecture, networking protocols, network security design, wireless security, intrusion prevention/detection, firewall architecture, and incident management response systems- Required







Experience with scripting technologies, LDAP, Active Directory; Group Policy; and domain architecture- Required







Experience with Single Sign on solutions (i.e., Imprivata, Vergence)- Required







Experience with Citrix hosted applications- Required



Implementation or IT operational experience with end user product in a healthcare environment- Required







Experience with formal security auditing process and mediation planning- Required











Healthcare is a rapidly changing environment and technology is integrated into almost all aspects of patient care. Computers and other electronic devices are utilized across the organization and throughout each department. Colleagues must have an understanding of computers, and competence in using computers and basic software programs.







Requisition ID: 2019-5193

Street: 1200 N, Beaver St.

Call Required: Yes

Full Name: First Last: DAWN JOHNSON

Email Address: dawn.johnson@nahealth.com

Shift: Days

Northern Arizona Healthcare

What email should the hiring manager reach you at?

By clicking the button above, I agree to the ZipRecruiter Terms of Use and acknowledge I have read the Privacy Policy, and agree to receive email job alerts.

What email should we contact you at once we get salary info from the hiring manager?

By clicking the button above, I agree to the ZipRecruiter Terms of Use and acknowledge I have read the Privacy Policy, and agree to receive email job alerts.

Our qualification feature is only available to registered members - what email address would you like for us to keep on file?

By clicking the button above, I agree to the ZipRecruiter Terms of Use and acknowledge I have read the Privacy Policy, and agree to receive email job alerts.