Planned Parenthood Federation of America is the nation’s leading provider and advocate of high-quality, affordable sexual and reproductive health care. They are seeking an Associate Director, Information Security Engineer to manage IT security protections, provide security monitoring, and support security operations to safeguard data entrusted to the organization.
Responsibilities:
- The Security Engineer manages Information Technology security protections with the goal of protecting PPFA from security incidents and system compromises and reducing their impact on the organization
- This position provides security monitoring, event investigation and analysis, and countermeasure proposals on a 24x7 basis, along with support and guidance to Tier I Analysts. It provides technical assistance for Tier II & III incidents as assigned and is responsible for interfacing directly with the InfoSec Operations Team, Managed Security Service Provider (MSSP) and IT Managed Service Provider (MSP) on security event architecture, collection, management, reporting, and alerting within PPFA’s SIEM Platforms
- The Security Engineer will engage with InfoSecOps, InfoSec, ITOps/MSP, the MSSP, ATS and staff within both PPFA and Affiliates
- The Security Engineer will deliver by identifying, implementing, and maintaining Information Security toolsets, primarily focused on SIEM, to protect the organization; interfacing with IT Ops to ensure proper security event logging setup; and, where applicable, supporting the Information Security SIEM management needs of PPFA and Affiliates
- Act as a Subject Matter Expert for PPFA’s SIEM (currently Splunk) and be able to configure, manage, operate, and administer the platform from a managed SIEM perspective
- SIEM Security Monitoring – Provide security monitoring and threat/risk analysis in a 24/7 environment
- SIEM Event Filtering – Monitor & ensure established processes for event identification are followed, and, where required, make recommendations for new or refined event filtering, ensuring all updates are completed
- SIEM Event Investigation & Assignment – Monitor & ensure established processes are followed for collecting relevant data and performing the necessary levels of analysis on that data. Ensure events are assigned appropriately
- Tier II Event Escalations – Follow an established process for handling Tier II escalations, identifying the source of the escalation (MSSP, MSP, Affiliate, or other) and the appropriate triage and documentation processes
- Creating and maintaining Standard Operating Procedures (SOPs) for the Information Security Ops group, and providing recommendations on security process improvements
- Support and engage on complex security tool-specific tasks with the assistance and guidance of management, vendor & MSSP resources
- Assist in Vulnerability Assessment setup, scanning, analysis, and remediation, working with IT Ops staff and corporate vendors as needed to correct errors and alerts found in the IT infrastructure systems
- Assist in IR incidents as assigned by management
- All other duties as assigned
Requirements:
- Bachelor's degree and 5+ years of industry experience
- Passion to work on newer technologies and explore the security domain
- Independent decision-making capabilities, especially in identifying analysis tracks for escalated events, analysis assignments, and escalation decisions ranging from a base Tier I event to Incident Response level remediations
- Experience in compliance requirements and industry standards like PCI, HIPAA, ISO 27001, NIST, CSF, MITRE ATT&CK, ITIL, COBIT, Sarbanes-Oxley, and SANS 20
- UNIX, AIX & Solaris, Linux, Windows Server Operating Systems
- Network/System Intrusion Detection or Prevention Systems (IDS/IPS)
- Security Information and Event Management (SIEM)
- Vulnerability scanner/Penetration testing systems
- Wireless Networking
- Switches/Routers, Firewalls (basic configuration)
- TCP/IP networking, VPN, VLAN, NAT, and security concepts
- Software & Hardware Asset Management
- Security threat and attack countermeasures
- Experience conducting forensic analytical studies and investigations
- Flexibility and ability to adapt to quickly changing priorities and ambiguous situations
- A deep commitment to Planned Parenthood's mission of promoting Sexual and Reproductive Health