Fairview Health Services

Overview

M Health Fairview is looking for a knowledgable Senior Cybersecurity Engineer to join the Informatics Technology department! The Senior level Cybersecurity Engineer is involved with crafting, developing, scripting, configuring, testing and maintaining Cybersecurity and Risk management. This role requires a high level of technical and engineering experience with integrating several applications and IT systems into Cybersecurity tools.

This position is 80 hours every two weeks, and is benefit eligible! Benefits we offer at Fairview include medical insurance - as low as $0, dental insurance - $0 option, PTO (up to 24 days per year starting), and 403B with up to a 6% employer match. Click here to learn more!

We find those that exceed in this role exhibit these characteristics: High standard of creative prioritization skills and priority setting. Shown focus on customer service with every interaction. Excellent public relations and networking. Work as an effective team member to deliver outstanding care. Ability to use appropriate computer applications. Capable of working independently, demonstrate critical thinking skills. Comfortable accepting change and encouraging those around you to engage in ongoing process improvement. An understanding of Dignity, Integrity, Service, Courtesy and Innovation. When working at M Health Fairview, we want to support our employees growth, honor their strengths and give them the freedom to feel empowered to make a difference in the lives of others.

Responsibilities/Job Description

• Designs, tests and configures a variety of web, mobile, cloud and/or desktop application integrations with variety of software, systems, and technologies.
• Drives the design, implementation, and development of security controls that ensure the safety of information assets and protect from unauthorized access or intentional destruction.
• Collaborates with Enterprise Architecture, Engineers, Analysts, Security Architects, and peers to brainstorm, design, deploy, and support integrations, solutions, security tools for highly available and disaster resilient solutions.
• Seeks opportunities to improve knowledge and technical expertise in multiple Cybersecurity areas
• Serves as security and participate in Red/Blue/Purple teams in assisting triage, investigation, reduce risk, and remediation of assumed/potential/actual security incidents.
• Leads projects for security regulatory compliance, standards, polices, and the implementation and maintenance of all cybersecurity programs, processes and technologies.
• Promotes improvement, efficiency gains and creativity, adapt, coach and mentor team members as needed.
• Plan, engineer, and supervise network security devices, applications, and procedures and collaborate with Cyber Security Incident Response and Risk Management teams.
• Other duties as assigned

Organization Expectations:

• Provides service adjusting approaches to reflect developmental level and cultural differences of population served
• Communicates in a respective manner and ensures a safe, secure environment.
• Finishes the required learning relevant to the role
• Follows and maintains knowledge of all relevant laws, regulation, policies, procedures and standards.

Qualifications

Required

• Bachelor’s degree in Computer Science and Engineering, Technology Information Systems, Engineering, similar to, or combination of similar experience/education.
• 10+ years of cumulative experience in engineering, development and/or support of IT Systems AND 5+ years in customization, deployment and support of Cybersecurity softwares and programs
• Knowledge of REST API and JSON batching, workflow automation, virtualization technologies (VMware or Microsoft Hyper-V), and Agile project management methodology
• Grow in a sense-of-urgency environment, leverage standard methodologies, and influence through outstanding networking, partnership, and mediation.
• Ability to explain technical concepts and adjust written and verbal communication based on audience/ levels, including non-technical groups
• Experience evaluating security patches based on current vulnerabilities, patching, and upgrading network device Operating Systems
• Knowledge of networking practices such as macro/micro segmentation demonstrating SXP, SGTs, VLANs, VNs and NAC.
• Experience monitoring logs to build custom signatures in addressing threat types (zero-day) while also ensuring no false positives, and using SIEMs to supervise syslogs/ other log files to resolve anomalous activity and mediating activity.
• Network packet inspection tools (i.e. Wireshark, Tshark), and vulnerability and threat monitoring tools (DarkTrace, Gigamon Threat Insight, etc.)
• Experience applying security protocols and frameworks to networks, servers, endpoints, and supervising gateways, IDS, antivirus, log management, and NAC, including (NIST, CSF, and HIPAA)

Preferred

• Bachelor’s degree or higher in Computer Science or Engineering, Technology Information Systems Engineering or related technical subject area
• Security Engineer/Senior Security Engineer/Senior Developer or Senior Analysts engineering and/or supporting cybersecurity tools & solutions for Healthcare organization experience
• Technical certifications in: Security technologies & tools, Development methodologies and frameworks, Cloud and Mobile applications
• Industry recognized professional certifications – Security+, TOGAF, SANS, CISSP, CISM, CISA
• Palo Alto Networks with NextGen features including: App-ID, User-ID, Content-ID, DeviceID, URL Filtering, Threat Prevention, Wildfire, Zones, Security Policies, Security Profiles, Inbound/Outbound SSL Decryption, File Blocking, or Data Filtering/DLP, DAG/DUG, EDLs, NAT/PAT, Virtual Wire, Virtual System (Vsys), Panorama centralized management, Prisma Cloud and Global Protect.
• Cloud-based network security services: CASB, FWaaS and detailed understanding of Zero Trust as a single cloud-delivered service model and provisioning of Palo Alto firewalls.
• AWS and Azure knowledge and experience deploying and handling security controls with validated ability to support large-scale hybrid architecture with infrastructure as code.
• Zero Touch Experience with RED/BLUE/PURPLE teaming exercises and Zero Trust layered security Approach.
• Prior experience in implementation/support of SOAR tools and associated processes