Description of Position:
The Staff Information Security Engineer prevents, detects, and responds to information threats and security breaches through technical security programs designed to protect the integrity of the organization's networks, systems, applications and data. Maintains and communicates Information Security policies and coordinates company-wide Information Security controls. Supports security administration compliance. Conducts and responds to audits coordinating company-wide information technology controls. Accountable for monitoring and improving quality of services provided. Provide leadership to vendors and manages long-term external vendor partnerships. Delivers strategic and tactical systems initiatives. Oversees the development, deployment, delivery, and support of Information Security services to internal and external business partners.
Tasks and Responsibilities:
Problem Solving and Analysis:
- Responds to alerts indicating security breaches.
- Leads triage and investigation and may coordinate resolution of security incidents.
- Monitors and researches new and emerging threats to preemptively eliminate the possibility of system breach; stays current on information security websites.
- Reports, investigates, and coordinates resolution of security incidents.
- Prepares and communicates threat assessments.
- Determines applicability of threats to environment.
- Provides technical leadership for on-site teams as well as vendor teams including offshore.
- Drives continuous improvement efforts and implements best practices; ensures adherence.
- Leverages key metrics and reports to develop strategies to assess and enhance overall service performance.
- Supports the deployment of new functions/applications into the production environment.
- Assists in developing, implementing and maintaining policies, procedures, and programs for ensuring the security and integrity of company data, databases, information systems, and technology.
Decision Making / Autonomy:
- Drives to facilitate positive outcomes that satisfy the interests and objectives of concerned parties, while upholding the objectives of the scope.
- Embraces new ideas and encourage fellow team members to make innovative contributions.
- Fosters a proactive approach to problem identification and resolution to anticipate a wide range of future needs and opportunities and facilitates development of complex solutions.
- Summarizes escalated issues or recurring problems and participates in the development of improved multi-departmental processes and procedures to resolve those problems.
- Leverages industry standards, best practices and own judgment to determine solutions and anticipate issues.
- Solves complex problems that do not have immediately known solutions, requiring analytical and at times “out of the box” thinking.
Required Skills, Abilities, and Certifications:
- Provides solutions and guidance on projects within and outside the business unit.
- Escalates and provides recommendation on highly complex issues to Senior Leadership.
- Subject to operating plans and policies set within and outside the business unit(s).
- Makes critical decisions that define the direction of the overall environment and projects.
- 5+ years of Information Security experience.
- Bachelor’s degree or equivalent in a related field.
- Experience evaluating and supporting package software solutions.
- Proven experience through the entire life cycle of software development.
- Ability to coordinate efforts across multiple teams and at multiple point in system lifecycle.
- Strong written, verbal, and presentational communication skills.
- Ability to understand and analyze complex business problems in order to define and develop technology-based solutions.
- Ability to work independently and make decisions within the scope of responsibility.
Communications & Interactions:
- Advanced degree in MIS, Computer Science, or related field.
- Demonstrated experience securing large enterprise networks.
- Experience with healthcare Information Security, Compliance and Disaster Recovery.
- Working experience and certifications in current technologies used at client.
- Develop relationships with key stakeholders and management to understand how technology is used to provide IT solution and the relative importance and impact of those solution on the business.
- Communicates and collaborates with leadership and partners on status, issues, and decisions to influence outcomes.
- Translates technology concepts into clear, digestible business appropriate language, creates images, graphics or charts that provide exceptional clarity or add impact to otherwise complex material and package presentations concisely for Leadership.
- Leads meetings with partners to drive decisions.
- Interacts with peer group and partners to drive out role and process best practices and influences and implements change.
- Mentors and trains new or less experienced team members.
- Leads tactical negotiations.
- Advocates product solution and benefits to Leadership.
- Share acquired skills and knowledge with multiple audiences with varying levels of understanding.
- Collaborate with fellow IT team members to improve the quality, security, and scalability of application systems and provide recommendations.