Information Security Engineer

American Specialty Health, Inc. is seeking an Information Security Engineer to join our Enterprise Security Programs Department. This position will improve, validate, complete and enhance the security functionality and effectiveness of our Information Technology investments. This position will work closely, almost embedded with, Information Technology Operations and be integral to the great relationship that ESP and ITO maintain, reducing cyber risks to the organization.

You are invited to learn more about American Specialty Health’s events on our events page.

Responsibilities

  • Performs day-to-day information security functions.
  • Monitoring, threat hunting and validating firewall effectiveness; optimizing firewall policies and security configuration for both Internet, hardware, virtual and software defined platforms.
  • Vulnerability scanning and configuration, validating effectiveness and prioritizing implementation changes to improve or correct scanning and assessment.
  • Optimize logging, eventing and alerting for ASH and MSSP data flows.
  • Resource ITO and ESP projects, change management events, security and ITO incidents, can vulnerability/patching events as a subject matter expert and representative of Enterprise Security Programs.
  • Optimize end point security architecture, edge and boundary security architecture, including 802.1X.
  • Promote understanding and adherence to the necessary policies, standards, and procedures to maintain security posture.
  • Participate in incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
  • Build system baselines to be adhered to for all future build outs.
  • Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation.
  • Coordinates security issue and remediation efforts between different ASH teams, sets clear expectations about responsibilities, communicate about outcomes and measure success, escalates and communicates to management appropriately.
  • Responds to security alerts and identify alerts from raw observations.
  • Maintains updated documentation of technical controls, processes and procedures.
  • Implements, manages, and enforces company information security policy and procedures.
  • Availability for afterhours work and occasional travel required.

Qualifications

  • Bachelor’s degree in IT or Information Security related field, or relevant work experience. If equivalent experience, high school diploma required.
  • 4 years of experience in IT with minimum 3 years with an information security focus, and/or security administration roles.
  • Project management experience, ideally with Agile, preferred.
  • CISSP or equivalent experience preferred.
  • Valid driver’s license with good driving record. Availability of automobile for on the job use and proof of insurance.
  • Strong experience and detailed technical knowledge in security architecture, systems and network security, authentication and application security.
  • Experience with security vulnerabilities, risk handling and secure systems design.
  • Experience with firewall, endpoint and other information security mitigating technologies.
  • Experience with SIEM and MSSP management, along with related security logging implementations and architecture.

View full description

Core Competencies

  • Demonstrated ability to interact in a positive, respectful manner and establish and maintain cooperative working relationships.
  • Ability to display excellent customer service to meet the needs and expectations of both internal and external customers.
  • Excellent listening and interpersonal communication skills to identify critical core competencies based on success factors and organizational environment.
  • Ability to effectively organize, prioritize, multi-task and manage time.
  • Demonstrated accuracy and productivity in a changing environment with constant interruptions.
  • Demonstrated ability to analyze information, problems, issues, situations and procedures to develop effective solutions.
  • Ability to exercise strict confidentiality in all matters.

Mobility

Primarily sedentary, able to sit for long periods of time. 

Physical Requirements

Ability to speak, see and hear other personnel and/or objects. Ability to communicate both in verbal and written form. Ability to travel within the facility. Capable of using a telephone and computer keyboard. Ability to lift up to 10 lbs.

Environmental Conditions

Usual office setting.

American Specialty Health is an Equal Opportunity/Affirmative Action Employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law. 

Please view Equal Employment Opportunity Posters provided by OFCCP here.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact our Human Resources Department at (800) 848-3555 x6702.

ASH will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information.