Envision is a leading national medical group focused on delivering high-quality care to patients when and where they need it most. The Engineer Cyber Security role supports the Cyber Security Framework, enhancing the security program in areas such as security monitoring and vulnerability management.
Responsibilities:
- Assists in development of strategy, defining departmental goals, and objectives for the cyber security program
- Validates security program maturity (repeatable processes, metrics, etc.)
- Respond to and investigate complex cybersecurity events and incidents
- Analyzes log information to correlate security events
- Detect, analyze, track, and guide the remediation of complex security vulnerabilities
- Research emerging threats and implement or lead the implementation of preventive controls
- Support, maintain and enhance protection and detection security technologies
- Develop and execute security technologies improvement plans
- Provide guidance to business owners on the implementation of security controls for organizational programs
- Provides oversight in the creation and delivery of security metrics and provides technical analysis that gives insight into performance and trends
- Investigates and recommends new technologies in support of security operations
- Acts as subject matter expert for analysts within the team, assisting with all escalated issues
- Creates internal security department documentation
Requirements:
- Solid research and consulting skills, with experience leading meetings and giving presentations to customers
- Excellent documentation skills and verbal communication skills
- Ethical hacking mindset and critical thinking
- Continuous improvement mindset
- Excellent data collection and analytics skills
- Solid engineering skills, with experience in developing and implementing cyber security solutions
- Available for on-call as needed
- Bachelor's degree from a four-year college or university required
- 4 years of work-related experience required
- Strong knowledge of HIPAA, NIST and MITRE ATT&CK frameworks
- Experience managing, supporting, and implementing protection and detection technologies such as endpoint protection, email/web/network firewall, vulnerability scanning and SIEM platforms
- CISSP, CISM, CEH or similar certification, held for at least 3 years, required