Information Security Engineer II – Information Systems

• Safeguards EMCs computer systems, network, and data. Develops, implements, and monitors security controls to protect sensitive data and prevent unauthorized access.
• Chief Information Security Officer (CISO)
• N/A
• N/A
• Minimal/No Potential
• Chief Information Security Officer (CISO)
• N/A
• N/A
• Minimal/No Potential

Education

• Required: Bachelor’s degree in information security, cybersecurity, information technology, computer science or an additional four (4) years of applicable experience in lieu of bachelor’s degree
• Required: Bachelor’s degree in information security, cybersecurity, information technology, computer science or an additional four (4) years of applicable experience in lieu of bachelor’s degree

Licensure/Certification

• Required: One (1) of the following certifications: CISSP, CASP CE, CSSLP, ISSAP or ISSEP
• Preferred: HCISPP or similar healthcare related certification
• Required: One (1) of the following certifications: CISSP, CASP CE, CSSLP, ISSAP or ISSEP
• Preferred: HCISPP or similar healthcare related certification

Experience

• Required: Five (5) years of experience in a technical security focused IT role such as systems administration, systems engineering, cloud security, network administration, information security engineer or nine (9) years of experience in lieu of bachelor’s degree
• Preferred: Experience working within a regulated enterprise environment and with the creation of architecture, process, and procedural documentation; experience with compliance audits and risk assessments
• Required: Five (5) years of experience in a technical security focused IT role such as systems administration, systems engineering, cloud security, network administration, information security engineer or nine (9) years of experience in lieu of bachelor’s degree
• Preferred: Experience working within a regulated enterprise environment and with the creation of architecture, process, and procedural documentation; experience with compliance audits and risk assessments

1. Demonstrates compliance with Code of Conduct and compliance policies, and takes action to resolve compliance questions or concerns and report suspected violations.

2. Supports and implements Eisenhower Medical Center’s (EMC) information security strategy.

3. Develops technical mapping of security strategy to security controls.

4. Develops and performs security risk assessments and compliance audits.

5. Develops and manages resilient threat intelligence and vulnerability management processes.

6. Develops security requirements plans for projects and technical review board.

7. Develops, implements, and documents secure configuration standards for hardware and software solutions.

8. Leads Incident Response efforts as a subject matter expert on cybersecurity.

9. Creates, documents, and implements information security procedures, workflows, and architectures.

10. Implements and tests security controls to mitigate risk to an acceptable level and achieve desired outcomes.

11. Recommends security controls and corrective actions for identified risks and vulnerabilities.

12. Monitors threat intelligence and vulnerability feeds to assess and communicate emerging risk to EMC stakeholders.

13. Ensures ongoing compliance with state and federal regulatory requirements.

14. Collaborates with workforce members to ensure security requirements are implemented and followed.

15. Provides feedback to leadership on security related policies and creates aligned procedures.

16. Recommends, implements, and manages information security applications and tools.

17. Assists with employee security awareness training and mentorship program to promote a culture of security within the organization.

18. Performs other duties as assigned.

Read Full Description