Talent.com
Information Security Engineer

Information Security Engineer

TriWest Healthcare AlliancePhoenix, AZ
job_description.job_card.30_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.temporary
job_description.job_card.job_description

Job Summary

Information Security Engineers play a crucial role in safeguarding an organization's digital assets. The responsibilities include designing and implementing security measures to protect systems, networks, and data from cyber threats. Conduct risk assessments, vulnerability analyses, and penetration testing to identify and mitigate potential security risks. Professionals are skilled in areas such as encryption technologies, network security protocols, and incident response. Validate compliance with security standards and regulations for a secure IT environment.

Education & Experience

Required :

  • High School Diploma or GED
  • U.S. Citizenship
  • Must be able to receive a favorable Interim and adjudicated final Department of Defense (DoD) background investigation
  • 3-5+ years of experience in information security involving the implementation and administration of security requirements and security technologies
  • 2+ years of experience designing, and supporting security in Microsoft Azure, including the use of native tools
  • Strong understanding of cloud security best practices, encryption, authentication, authorization, and audit capabilities
  • Strong oral and written communications skills that demonstrate a professional demeanor and the ability to interact with a variety of cross-functional roles with occasional executive presence
  • Strong understanding of threats, vulnerabilities, and exploits common to cloud applications or environments and experience implementing controls to mitigate those threats

Preferred :

  • Bachelor’s degree in computer science, Computer Information Systems, Criminal Justice or Business
  • Relevant DoD Approved 8570 Certification (e.g., CISSP, SSCP)
  • Direct technical experience in building, conducting and performing penetration testing, audits and assurance programs in compliance with FISMA Moderate / High, HITRUST, URAC and / or similar data security requirements
  • One of the following ServiceNow GRC, CyberArk, SailPoint, MathCraft, Purview, or Splunk
  • Python Scripting

    • Key Responsibilities

  • Evaluates and implements security controls to meet or exceed the Federal Information Security Management Act (FISMA), the National Institute of Standards and Technology (NIST) and the Federal Information Processing Standards (FIPS) in “high” information classification boundary.
  • Implements Information Security Technology, Physical Security Controls and Federal data security requirements.
  • Proactively plans security systems by evaluating network and security technologies; develops requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security, network devices and workstations; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to federal and industry standards.
  • Plans delivery of solutions; answers technical and procedural questions from less experienced team members; teaches improvement processes; mentors team members and provides security technical leadership to other Information Security and Information Technology team members.
  • Determines security requirements by evaluating business strategies and requirements; researches information security standards; conducts system security and vulnerability analyses and risk assessments; studies architecture / platform; identifies integration issues; prepares cost estimates for review by Manager, Information Systems Security.
  • Verifies security control compliance by developing, implementing and maintaining test scripts.
  • Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducts incident response analyses; in collaboration with Training department, develops and conducts security education and training programs.
  • Upgrades security systems by monitoring security environment; identifies security gaps; evaluates and implements enhancements.
  • Prepares system security reports by collecting, analyzing, and summarizing data and trends.
  • Tracks and understands emerging security practices and standards; participates in educational opportunities; reads professional publications; maintains personal networks; participates in professional organizations.
  • Authors security system and application processes for both operation and management, including as-build service configuration documents.
  • Performs detailed and routine assessment to ensure use of established security policies, practices and expectations across all platforms, operating systems and applications.
  • Drafts and recommends changes to Security Policy, Procedures, Standards and Guidelines to meet or exceed corporate or contractual security requirements.
  • Conducts network / system forensics and traffic analysis using protocol and intrusion detection analyzers.
  • Prepares system security reports by collecting, analyzing, and summarizing data and trends.
  • Accepts ownership for accomplishing new and different requests; explores opportunities to add value to job accomplishments.
  • Performs other duties as assigned.
  • Regular and reliable attendance and on call availability is required.

    • Competencies

    Communication / People Skills : Ability to influence or persuade others under positive or negative circumstances; adapt to different styles; listen critically; collaborate.

    Computer Literacy : Ability to function in a multi-system Microsoft environment using Word, Outlook, TriWest Intranet, the Internet, and department software applications.

    Creativity / Innovation : Ability to develop unique and novel solutions to problems; view change as a necessity.

    Empathy / Customer Service : Customer-focused behavior; helping approach, including listening skills, patience, respect, and empathy for another's position.

    Information Management : Ability to manage large amounts of complex information easily, communicates clearly, and draws sound conclusions.

    High Intensity Environment : Ability to function in a fast-paced environment with multiple activities occurring simultaneously while maintaining focus and control of workflow.

    Multi-Tasking / Time Management : Prioritize and manage actions to meet changing deadlines and requirements within a high volume, high stress environment.

    Organizational Skills : Ability to organize people or tasks, adjust to priorities, learn systems, within time constraints and with available resources; detail-oriented.

    Problem Solving / Analysis : Ability to solve problems through systematic analysis of processes with sound judgment; has a realistic understanding of relevant issues.

    Technical Skills : Conceptual and intimate knowledge of all information security tools, i.e., intrusion prevention, vulnerability scanning, syslog, firewall policies, reverse proxy, authentication.

    Working Conditions

    Working Conditions :

  • Limited infrequent travel may be required to TriWest remote locations to present security awareness material or to assess information security posture
  • Act as a primary point of contact for all information security related incidents requiring consultation or response, 24 hour accessibility
  • Provide high level of customer service to employees, business leadership and IT
  • Work in a cubed office environment with multiple computers and monitors
  • Heavy computer usage and documentation review
  • Extensive computer work with prolonged sitting
  • Requires successful completion of a background check
    • serp_jobs.job_alerts.create_a_job

    Information Security Engineer • Phoenix, AZ