** U.S. Citizens **
Top Three Skills:
1. End point protection – Managmenet of Symantec or Crowd Strike in an enterprise environment
2. Vulnerability Management – Tenible and Nessus - Running reports, running scans and remediating the tools if there are errors
3. Scripting with python or bash for customization, automation and building of reports.
Ideally this person will have a CISSP, if not be willing to get one within a year of starting.
The ISO Information Security Office is focused within three main areas, Compliance, Risk and Applications and Architecture. They partner will the business as well as all groups across the company to protect the enterprise of the health system.
Seeking a Security Engineer to join their team as a full-time employee. They will report directly to the Security Applications and Architecture Manager - the team will be made up of 3 individuals ranging in skill level and technical background. The manager describes his leadership style as not a micromanager, wants people to be excited about their work. He has been with the company for 11 years and can assist in coordinating people with other teams.
The ISO Application and Architecture group is responsible for managing the tools involved with end point protection, vulnerability management, DLP, encryption, etc. They partner with other technical groups across the company in order to provide education on how tools function, assist in reporting and remediation of events.
Tools in their environment consist of:
Tenable, CyberArk, Nessus, Symantec, Centrify.
Ideally this person will have a systems admin focused background as so much of the work they do are based on those systems – scripting skills are a requirement, whether it be python, bash – the language is not as important as the ability to script for customization and automation.
A nice to have would be experience with privileged access management as they are currently in the process of selecting a tool to implement in the environment.
The ISO is a collaborative group of individuals who the Director describes as humble, kind and focused. These traits are important to her as her leadership style provides a lot of autonomy to the employees in the ISO and lends to a very healthy work environment.
An Analyst III should have their CISSP or other relevant certification such as OSC, Analyst II should have plans to obtain it within the first year.
The Director of the ISO very much values education, while it is not required, she prefers candidates with a Bachelor’s degree.
Flexibility is provided with this role to work remote a day or so a week after being acclimated.