Information Security Engineer

City of Hope

CA

Job posting number: #7135982 (Ref:10020505)

Posted: March 24, 2023

Salary / Pay Rate: $48.30 - $77.28 / hour

Application Deadline: Open Until Filled

Job Description

Position Summary:

Sr. Information Security Engineer (City of Hope National Medical Center; Duarte, CA): Lead software engineering projects to implement the information security infrastructure. Assist other projects enhancing the Information Security Program, making recommendations on technology strategies that monitor and provide alerts on anomalies. Perform technical and operational tasks to design, develop, implement, and maintain information security solutions to uphold the confidentiality, integrity, and availability of City of Hope’s information assets. Conduct protocol and traffic analysis and execute effective countermeasures to current threats on systems and networks using knowledge of the interrelationship between operating systems, Active Directory, intrusion detection systems (IDS) and intrusion prevention systems (IPS), vulnerability detection tools, Structured Query Language (SQL), Transmission Control Protocol/Internet Protocol (TCP/IP), encryption, virtual private networks (VPNs), and demilitarized zone (DMZ) network. Be responsible for endpoint security engineering and management as well as the related configuration. Develop and implement security operations center (SOC) and information retrieval (IR) systems integration through automation and orchestration using application programming interface (API), PowerShell, and Python. Provide security recommendations and solutions for cloud-based digital platforms. Manage the implementation and ongoing capabilities of a Security Incident and Event Management (SIEM). Perform web application and network penetration testing. Build security into software products early in the Software Development Life Cycle (SDLC) using static application security and static analysis tools. 
Prepare countermeasures to defend information systems against known attack techniques: backdoors and Trojan horses, buffer overflows, covering tracks in Unix-Linux, using steganography, denial-of-service, format string attacks, IP address spoofing, kernel-mode rootkits, user-mode rootkits, network sniffing, password attacks, passive fingerprinting, war-dialing, web application attacks, worms, bots and bot-nets, and session hijacking. Provide forensic analysis of security violations (incident response). Verify network, wireless, and firewall security systems by conducting reviews and policy assessments. Telecommuting permitted from anywhere within the U.S.

Qualifications:

Minimum requirements: Bachelor's degree or foreign equivalent in Computer Science, Information Technology, or related field, plus eight (8) years of experience as a Senior Information Security Engineer, Security Consultant, Security Analyst, or related occupation.

Must have experience with the following: monitoring networks and systems for cybersecurity threats and vulnerabilities, identifying and addressing security issues, performing security reviews for new technologies and vendor risk assessments, and managing technical security solutions across infrastructure; providing analysis on security enforcement technologies (SIEM, anti-virus, content filtering reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, and vulnerability scanners); internet and network security technologies and protocols (TCP/IP, firewalls (application firewalls), routers, switches, IDS/IPS, anti-virus, SIEM, Web Proxy, VPN, Linux, and Encryption technology products); endpoint detection and response (EDR)/antivirus products: Crowdstrike, Cylance, Carbon Black, System Center Endpoint Protection (SCEP), Symantec Endpoint Protection Manager (SEPM), Traps, or Cortex XDR; supporting Microsoft technologies including Active Directory (AD), Domain Name System (DNS), Group Policy Object (GPO), Internet Information Services (IIS), and Structured Query Language (SQL); working with security protocols and standards (National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPAA), North American Electric Reliability Corporation (NERC), or Center for Internet Security (CIS) controls); architecting, engineering, implementing, troubleshooting, and supporting the full suite of security technologies and solutions using the latest industry best practices to integrate and automate the system defenses and environments against modern security risks, threats, vulnerabilities, and requirements; managing and integrating security technologies, automation, and orchestration, and serving as the subject matter expert (SME) in design and operation of Microsoft’s O365 security and compliance, Microsoft Information Protection (MIP), Microsoft Cloud App Security (MCAS), and integrated Cloud Access Security Broker (CASB) platforms (Proofpoint CASB and Email DLP) and applications; engineering cloud security solutions to ensure that cloud services perform according to defined processes, meet defined policies, and comply with information security requirements; serving as the SME on implementing and administering the SIEM centered on IBM QRadar; analyzing, designing, building, tuning, and supporting SIEM use cases across various business functions based on security operational needs; organizing and conducting hacking, simulated attacks, penetration testing activities, and commercial and open-source penetration testing solutions; planning, executing, and managing simulated attack and red team engagements using techniques described within the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework; application-level security knowledge (Common Vulnerabilities and Exposures (CVE), SQL Injection, Cross-Site Scripting (XSS), and Buffer Overflows) and manually testing and creating proof of concept exploits against vulnerable applications; web-based attacks, OWASP Top 10 web vulnerabilities, and web application testing using Tenable.io and Whitehat; defending and mitigating system vulnerabilities related to network infrastructure devices and boundary defense, network device operating systems, functionality and configuration, network architecture and protocols (port, protocol, and services analysis), and network segmentation and traffic analysis; forensic analysis tools (X-Ways Forensics, WinHex, Encase, or FTK) and forensic log artifacts found in SIEM logs, web server logs, AV logs, and protection logs (HIDS and NIDS logs); and working with multiple stakeholders (engineering or operations teams, internal business units, external incident response teams, and law enforcement throughout the incident lifecycle).

Salary / Pay Rate Information:
Pay Rate: $48.30 - $77.28 / hour

The estimated pay scale represents the typical [salary/hourly] range City of Hope reasonably expects to pay for this position, with offers determined based on several factors which may include, but not be limited to, the candidate’s experience, expertise, skills, education, job scope, training, internal equity, geography/market, etc. This pay scale is subject to change from time to time.



City of Hope is a community of people characterized by our diversity of thought, background and approach, but tied together by our commitment to care for and cure those with cancer and other life-threatening diseases. The innovation that our diversity produces in the areas of research, treatment, philanthropy and education has made us national leaders in this fight. Our unique and diverse workforce provides us the ability to understand our patients' needs, deliver compassionate care and continue the quest for a cure for life-threatening diseases. At City of Hope, diversity and inclusion is a core value at the heart of our mission. We strive to create an inclusive workplace environment that engages all of our employees and provides them with opportunities to develop and grow, both personally and professionally. Each day brings an opportunity to strengthen our work, leverage our different perspectives and improve our patients’ experiences by learning from others. Diversity and inclusion is about much more than policies and campaigns. It is an integral part of who we are as an institution, how we operate and how we see our future.

