Role: Security Engineer (Information Security Engineer)
- Provides overall security ownership of a range of security programs, such as identity and access management, privilege management, configuration management, vulnerability management, hardening, and attack-surface minimization.
- Represents security’s interests in a broad range of business and IT projects and initiatives, and works to ensure efficient collaboration and cooperation with other stakeholders. Works with stakeholders across the company to ensure they remain informed and engaged, and that their priorities are captured and addressed as appropriate.
- Develops and carries out information security plans and policies, develops strategies to respond to and recover from a security breach, and implements mechanisms to reduce security threats.
- Interprets security and technical requirements, translating them into business requirements as well as communicates security risks to relevant stakeholders ranging from business leaders to engineers.
- Participates in efforts that shape the organization’s security policies and standards in public cloud (especially Microsoft Azure) and private data center hosting environments.
- Reviews solution design for meeting security standards and specification as well as ensures solutions and personnel are in compliance with security policies, procedures, and standards and provides input and feedback on security architectures, tools, and protection mechanisms.
- Establishes and maintains documentation of implementations, via technical documentation and run-books.
- Develops processes, procedures, and practices for security programs and activities.
- Evaluates data, clients, personnel, solutions, and service providers for potential security risks and provides appropriate recommendation and helps drive remediation.
- Collaborates with other security and operations teams to execute on strategic plans and develop tactical and operational execution methodologies which improve the security function of the company.
- Guides, supports, and oversees the overarching security model for all cloud-based infrastructure being built and data center hosting environments, especially for migrations to the cloud (Microsoft Azure).
- Evaluates and implements security techniques and ensures the correct level of security tools, methods, and processes are implemented for monitoring, logging, and auditing the environment.
- Identifies use cases that can be built with existing tools and services to enhance both security automation and posture.
- Investigates security breaches with other teams and drives recovery efforts to restore functionality.
- Works with governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation.
- Will work alongside of multi-disciplinary staff, contractors, executives, and clients on projects and day-to-day activities.
- 3 to 5 years experience from a highly critical, complex enterprise environment required and experience in a comparable security role.
- Strong working knowledge of Microsoft Azure security and public cloud/hosting platforms.
- Experience with hosted data center environments.
- Degree in Information Science/Computer Science preferred.
- CISSP preferred.
- Certification in one or more of the following: Microsoft Azure Administrator (AZ-103 and/or 104), MCSE Productivity, Azure Security Engineer (AZ-500), Microsoft 365 Security Administration (MS-500) preferred.
- Strong understanding of specific healthcare related compliances (HIPAA and HITRUST) and security frameworks as ISO 27001/2, NIST, CSF, CSA CCM, etc.
- Demonstrated comprehension of cybersecurity fundamentals and best practices.
- Strong experience with security engineering and ensuring technologies and solutions are securely designed.
- Ability to develop and implement processes that may be complex and cross organizational boundaries.
- Ability to develop presentations, analyze data, and communicate across cross-functional staff.
- Strong communication skills, both verbal and written, as well as the ability to communicate well with people in a variety of positions, roles and levels.
- Strong analytical and problem-solving skills required.
To prepare for this job, check out tons of free content here
Learn about our AntWak Experiential Program Cybersecurity here