Security Engineer
Overview:
The Security Engineer will play a critical role in advancing the organization’s overall securitymaturity by continuously evaluating and improving the organization’s security framework, ensuring alignment with industry’s best practices, and driving initiatives that reduce risk and
enhance the security posture across the organization. This role is critical in safeguarding the
organization’s data, applications, and systems by designing, implementing, and managing
advanced security solutions. The Security Engineer will focus on security posture, vulnerability
discovery and remediation, protections, CVE monitoring, vendor security, and will collaborate
with cross-functional teams to enhance security practices, as well as back up other security team
members. Daily familiarity with current threats, tools used in-house, risk remediation, and IRT is
essential.
Responsibilities:
▪ Design and Implementation: Implements robust security architectures and solutions to
protect against threats. This includes systems, network devices, intrusiondetection/prevention systems, VPNs, and other various security tools.
▪ Monitoring and Analysis: Continuously monitors for suspicious activities and potentialsecurity breaches. Utilizes analytics tools to identify and mitigate threats in real time.
▪ Incident Response: Participates in incident response activities related to security
breaches. Conducts thorough investigations, root cause analysis, and develop mitigationstrategies to prevent future incidents.
▪ CVE Monitoring and Remediation: Monitors and manages CVEs (Common
Vulnerabilities and Exposures) relevant to the organization. Assists in remediationstrategies and ensure all vulnerabilities are addressed promptly.
▪ Vendor Risk Management: Provides vendor risk management for assigned vendors.
Conducts regular assessments, monitoring, and communication to ensure vendors adhereto security standards and practices.
▪ Security Assessments: Performs regular vulnerability assessments and penetration testingsystems. Identifies and remediates vulnerabilities to enhance the overall security posture.
▪ Policy and Compliance: Assists with the development and enforcement of security
policies, procedures, and standards. Ensures compliance with industry regulations andbest practices, including but not limited to GDPR, HIPAA, and PCI-DSS.
▪ Collaboration: Works closely with internal teams, including IT, DevOps, and application
development, to integrate security best practices into the design and deployment of newtechnologies and services.
▪ Documentation: Maintains comprehensive documentation of security configurations, incidents, and remediation activities. Ensures all security assets are accurately inventoriedand tracked.
▪ Threat Intelligence: Stays updated with the latest threats in the marketplace and the tools
used within the organization. Performs threat intelligence initiatives to enhance thesecurity posture of the organization.
▪ Must carry a cell phone and be available for consult or assistance when needed 24 hours aday/7 day a week to respond to security breaches and other related duties.
▪ Other duties as assigned.
Qualifications:
Education and Experience
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Minimum of five (5) years of handson experience in security engineering.
Special Skills, Licenses and Certifications
Relevant certifications such as CISSP, CCSP, CCNP Security, GIAC, or similar are highly desirable. In-depth knowledge of security
principles, protocols, and technologies. Proficiency in configuring andmanaging firewalls, IDS/IPS, VPNs, and other security appliances.
Experience with security monitoring and analysis tools (e.g., SIEM, Wireshark, Snort). Strong understanding of TCP/IP, routing, and
switching, Windows and Linux environments. Familiarity with cloud
security best practices for platforms such as AWS, Azure, and Google
Cloud.
Performance Based Competencies
Excellent problem-solving and analytical skills. Strong communicationand interpersonal skills, with the ability to convey complex security
concepts to non-technical stakeholders. Proven ability to work
independently and as part of a team in a fast-paced, dynamic
environment.
Work Environment And Physical Demands
More than 50% of work time is spent in front of a computer monitor.May be required to bend, stoop, kneel, crawl, or work in other nonstanding and non-sitting positions to install cabling, systems hardware, and other related equipment.
All HealthPlan employees are expected to:
- Provide the highest possible level of service to clients;
- Promote teamwork and cooperative effort among employees;
- Maintain safe practices; and
- Abide by the HealthPlan’s policies and procedures, as they may from time to time be updated.
HIRING RANGE:
$118,518.94 - $154,074.63
IMPORTANT DISCLAIMER NOTICE
The job duties, elements, responsibilities, skills, functions, experience, educational factors and the requirements and conditions listed in this job description are representative only and not exhaustive or definitive of the tasks that an employee may be required to perform.The employer reserves the right to revise this job description at any time and to require employees to perform other tasks as circumstances or conditions of its business, competitive considerations, or work environment change.