REMOTE - Information Security Engineer III - R12693

CareSource is a healthcare company that focuses on providing quality care to its members. They are seeking an Information Security Engineer III who will be responsible for designing and developing technologies and processes to monitor IT systems for suspicious activity and ensure compliance with security policies.

Responsibilities:

• Apply creative thinking in problem solving and identifying opportunities for improvements in security
• Administer and configure network and computing devices/systems that enforce security policies and IT internal controls
• Share ideas, discuss alternatives, and recommend means to decrease vulnerability of systems, applications and processes
• Monitor vendor and other advisory systems for patches and other security alerts, actively driving ongoing vulnerability remediation efforts in cooperation with IT teams
• Design and implement technical solutions to contractual and regulatory requirements with a particular focus on HIPAA compliance needs
• Assist in completion of and responses to internal and external security assessments and audits
• Recommend, complete, and/or coordinate the application of fixes, patches, and updates assessed to be important to the security of the enterprise
• Research emerging technologies in support of security enhancement and development efforts
• Provide subject matter expertise and assistance with risk assessments, penetration tests, internet/extranet security assessments, intrusion attempts, and cyber-crime response efforts
• Perform project leadership tasks on select security projects and other IT projects requiring security integration and coordination
• Perform any other job duties as requested

Requirements:

• Bachelor of Science/Arts Degree in Information Technology (IT), Management Information Systems (MIS), or related computer science field or equivalent technical work experience is required
• At least eight (8) years of hands-on, Information Technology experience is required
• At least five (5) years of Information Security or IT audit experience is required
• Implementing and maintaining Azure/Office365 security controls required
• Experience Implementing and maintaining a CASB (Cloud Access Security Broker) required
• Solid familiarity with application, server, and network security is required
• Proficient working knowledge of security technologies such as access management (authentication and authorization), security monitoring, and data encryption
• Working knowledge of computer networking and secure Internet protocols (e.g. SSL, IPSEC, and TCP/IP protocols)
• Working knowledge of Microsoft Windows operating systems, Microsoft Active Directory, and computer networking
• Customer service orientation
• Effective oral and written communication skills
• Ability to work independently and within a team environment
• Strong analytical, evaluative, and problem-solving abilities
• Critical listening and thinking skills
• Significant experience in server/network administration, network engineering, and/or application development is preferred
• Experience demonstrating HIPAA, Sarbanes-Oxley (SOX), and/or Payment Card Industry Data Security Standard (PCI-DSS) compliance desired
• Implementing and maintaining Cloud DLP (Data Loss Prevention) controls preferred
• Implementing and maintaining security controls for Amazon Web Services preferred
• Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), System Security Certified Practitioner (SSCP), and/or Certified Information Systems Security Professional (CISSP) is preferred