IT Security & Facilities/Mail Services, Professional, Security Engineer
Status: Full-time, Exempt: Yes
A Security Engineer works to ensure MVP’s systems and business critical functions are secure and available. In this position the individual will design, build, test, and implement security systems within MVP’s business and IT environment. The Security Engineer must have a good understanding of MVP's IT systems to anticipate possible security risks, identify areas of weakness, and respond effectively to possible security incidents and breaches. Will be responsible for assisting with the building, maintenance and administration of the MVP’s security infrastructure. Individual will work the security architect and mentor the security analysts with security support and incident response.
- Direct and oversee Security Analysts in their duties and responsibilities.
- A good understanding of the MVP’s technology and IT systems.
- Promptly responding to all security incidents and providing thorough post-event analyses.
- Following and improving security playbooks and runbooks.
- Assist Security Architect with Planning, researching, and designing security architectures.
- Reviewing current system security measures and recommending and implementing enhancements.
- Provide security guidance for any IT projects.
- Conducting regular system tests and ensuring continuous monitoring of IT security.
- Working on security specific projects.
- Review vulnerability scan results and vendor alerts. Assist with patch management process ensuring critical patches are applied in a timely manner.
- Assisting with Developing, reviewing, and approving the security requirements for all applications and systems including servers, endpoints and network devices.
- Remaining up to date with the latest security systems, standards, authentication protocols, and products.
- Working with Enterprise Architects to implement a software security standard across the environment, ensuring all approved software meets those standards.
- Participate in all facets of security requirements gathering, prioritization, development, testing, and execution of requests.
- Build strong cross-organizational relationships. Work collaboratively across the IT organization.
- Update job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks, participating in professional organizations, and obtaining security certifications.
- Assist with security table-top exercises
- Participate in the security queue rotation being available on call after normal hours and weekends.
- Assist Architect with monitoring and alerting is comprehensive and up to date in SIEM.
- Prepares security reports by collecting, analyzing, and summarizing data and trends.
- Performs other related duties as assigned.
This position may be worked remotely (virtual).
Bachelor’s Degree or equivalent experience in Cybersecurity, Computer Science, Information Systems or related field.
5+ years’ work experience in related health care business or IT position.
3+ years’ experience with IT Security technologies.
Experience in information security and/or IT risk management with a focus on security, performance and reliability.
Experience with Incident Response and Security Event Investigations.
Experience with Network, Server, and End Use Device Security Technologies.
- Solid understanding of endpoint security.
- Solid understanding of Infrastructure technologies and how to secure them.
- Solid understanding of security protocols, cryptography, authentication, authorization, and security.
- Good working knowledge of current IT risks and experience implementing security solutions.
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
- Excellent written and verbal communication skills as well as business acumen and a commercial outlook.
- Ability to mentor and teach junior level security team members.
- Possess the ability to effectively prioritize of tasks, projects, etc. in a dynamic environment.
- Possess strong analytical skills with knowledge of network and security software and tools.
- The ability to manage a project including creating a detailed task plan and facilitating the responsible parties to accomplish those tasks.
- Keen attention to detail.
- Interpersonal skills (e.g., partnering, conflict management, mentoring), with strong verbal and written communication skills, and the ability to interact with most levels of business, technical and end users.
- Team oriented: Comfortable working in a team environment as well as independently and possess a sense of accountability and urgency in completing assignments.
- Familiarity with HIPAA regulations, medical terminology, healthcare, or financial and billing processes is a plus.
MVP Health Care is an Affirmative Action/Equal Opportunity Employer (PDF). We recruit, employ, train, compensate, and promote without regard to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, disability, genetic information, veteran status, or any other basis, e.g., Pay Transparency (PDF), protected by applicable federal, state or local law. Any person with a disability needing special accommodations to the application process, please contact Human Resources at firstname.lastname@example.org.