The Cyber Security Engineer I provides support in the development, implementation and assurance of technical security strategies across the Cyber. The Cyber Security Engineer I is responsible for supporting the architecture, design and assurance of information security mechanisms and services throughout the Cyber. The Cyber Security Engineer I works as part of cross-functional teams that deal with the full spectrum of information management technology providing security-based direction in technical standards, planning, and strategy to other technical staff and management. The Cyber Security Engineer I supports the development and implementation of key security initiatives and global security parameters based upon level of risk for all Cyber IT platforms and infrastructure. The Cyber Security Engineer I provides internal consulting, analysis, and security review to project teams and business units in identifying secure solutions for attaining business goals and objectives. The Cyber Security Engineer I remains current on potential business threats and is proactive in recommending new security policies and modifications to current security policies. The Cyber Security Engineer I also supports the efforts of the Director of Information Security, performs probes of networks, applications, and devices to determine if security vulnerabilities exist and/or if security and access control policies have been violated. The Cyber Security Engineer I participates in project implementation and security-based training as needed.
Security Engineering and Assurance -- Design and implement security tools and reporting mechanisms to support testing and information assurance. Conduct and/or supervise intrusion and vulnerability testing; identify and implement vulnerability scanning tools; coordinate penetration testing and manage security reporting process. Perform security risk assessments, develop baselines and review technical risk analysis results for projects and new implementations; provide options for security controls to mitigate risk. Provide oversight and training for SOC (Security Operations Center) functions. Technical advisory for security audits and reviews. Oversight of security problem resolution for all Cyber IT platforms. Provides oversight for security incident investigations and reviews or prepares appropriate documentation. Ensures that preventive measures are put into effect.
Oversight -- Participate as member of the Security Incident Response Team and participate in a Technical Security Advisory Group that facilitates the security review process. Provides oversight for security assurance of intrusion detection systems, firewalls, gateways, virus protection devices, network infrastructure, content filtering, web development, application and database systems, business systems and account administration. Participates in the computer security incident response process that includes include monitoring, tracking, notification, containment, resolution, escalation and reporting. Facilitates Technical Security Change Management Committee. Defines and compiles security metrics and performance measures for management reporting.
Training & Certification - Maintains in-depth knowledge and current certification in security --related areas of information technology.
Teamwork - Fulfills role as core member of IM team; adheres to all policies and procedures, especially those relating to Change Control, Problem Management, and Project Management; provides input to improve processes to ensure highest levels of service and availability of systems. Acts as mentor and guide to junior members of the team.
Demonstrates competence to perform assigned responsibilities in a manner that meets the age-specific and developmental needs of the members served by the department.
Appropriately adapts assigned assessment, treatment, and/or service methods to accommodate the unique physical, psychosocial, cultural, age-specific, and other developmental needs of each member served.
Performs other duties as assigned.
Bachelor's degree in Computer Science, Information Systems, Electrical Engineering or related field preferred, or equivalent experience (5 years).
Technical knowledge of systems, databases, networks, operating systems and Information Management "Best Practices". Knowledge of advanced security and contingency planning concepts, including data integrity; authentication and authorization; firewall topologies as applied to Internet/Intranet/Extranet deployment; encryption; VPNs; network security architecture and protocols; intrusion testing methods; attack recognition and response systems; and business continuity planning and testing. Knowledge of major logical security software packages. Knowledge of hacker tools used to gain access to networks, operating systems and applications. Ability to compile, assess and communicate information as it affects business risks.
Five years of information security experience preferred or strong aptitude for success based upon other IT disciplines and/or equivalent skills.
Extensive technical knowledge of security tools to include Trend Micro Antivirus, Firemon, SteathWatch, Nessus, etc.
Technical knowledge of router protocols and security weakness of these protocols.
Technical knowledge of Operating Systems and Programming languages, Python, Linux, Microsoft Powershell.
Knowledge of the Firewalls (Cisco) and IDS systems configurations.
Prior experience in a health care systems environment is a definite plus.
Two or more of the following security certifications required or in progress with ability to obtain after 1 year on the job:
CHRISTUS HEALTH is an international Catholic, faith-based, not-for-profit health system comprised of almost more than 600 services and facilities, including more than 60 hospitals and long-term care facilities, 350 clinics and outpatient centers, and dozens of other health ministries and ventures. CHRISTUS operates in 6 U.S. states, Colombia, Chile and 6 states in Mexico. To support our health care ministry, CHRISTUS Health employs approximately 45,000 Associates and has more than 15,000 physicians on medical staffs who provide care and support for patients. CHRISTUS Health is listed among the top ten largest Catholic health systems in the United States.