Senior Security Engineer
Department Description: Position is located at 1135 Tremont St.
Job Location: Boston, MA
Req ID: 28985BR
Job Summary: This Senior level position is responsible for a range of information security services and technologies related to the security asset management of BIDMC's IT infrastructure. Will work and coordinate with Security Staff and various IT organizations on projects that impact the security profile of the BIDMC infrastructure. May be involved in projects at various phases of the information technology life cycle: design, development, testing, implementation, and post-implementation analysis.
- Contributes to the direction, planning, evaluation, installation, maintenance and technical support of the BIDMC Data Security Strategy and product lines for Windows, Macintosh and Linux environments.
- Monitor and analyze the output from the BIDMC IDS and IPS devices; maintain the health of the devices and upgrade them when needed; initiate remediation actions per procedures where required. Knowledge of Palo Alto, Sourcefire and Endace recommended.
- Conduct network forensics investigations, documenting incident results, and providing IT management with incident reporting and summary observations.
- Work with IT personnel to define and implement hardened standards for network devices and provide security guidance. Help plan and participate in the annual penetration testing and remediate the security gaps it finds.
- Collaborates with and offers expertise to other IS teams on the design and implementation of security solutions for the development and maintenance of the BIDMC AWS Cloud hosting environment.
- High School diploma or GED required. Bachelor's degree preferred.
- CISSP or equivalent certification required or on track for achieving.
- 8-10 years related work experience required.
- Extensive knowledge of various Data Security software and tools, including network sniffers, Cobalt Strike, NUIX, etc. Knowledge of and extensive experience with data mining technologies and tools such as Splunk and ELK. Knowledge and experience with the architecture and support of Security aspects of cloud-based technologies including Amazon Web Hosting services.
- Comprehensive RedHat Linux administrative skills and writing scripts in Linux. Experience conducting vulnerability and penetration scans.
- Understanding of risk assessment/acceptance factors that can affect business and security decisions; understanding of data classification and its impact on security design of networking solutions. Understanding of common networking protocols and services and their relevant security issues (TCP/IP, DNS, SNMP, 802.1x, SSL, etc.).
- Advanced technical computer skills as required for technical support specific to functional area and related systems.
- Decision Making: Ability to make decisions that are guided by precedents, policies and objectives. Regularly makes decisions and recommendations on issues affecting a department or functional area.
- Problem Solving: Ability to address problems that are highly varied, complex and often non-recurring, requiring staff input, innovative, creative, and Lean diagnostic techniques to resolve issues.
- Independence of Action: Ability to set goals and determine how to accomplish defined results with some guidelines. Manager/Director provides broad guidance and overall direction.
- Written Communications: Ability to summarize and communicate in English moderately complex information in varied written formats to internal and external customers.
- Oral Communications: Ability to comprehend and communicate complex verbal information in English to medical center staff, patients, families and external customers.
- Knowledge: Ability to demonstrate in-depth knowledge of concepts, practices and policies with the ability to use them in complex varied situations.
- Team Work: Ability to act as a team leader for small projects or work groups, creating a collaborative and respectful team environment and improving workflows. Results may impact the operations of one or more departments.
- Customer Service: Ability to provide a high level of customer service and staff training to meet customer service standards and expectations for the assigned unit(s). Resolves service issues in the assigned unit(s) in a timely and respectful manner.
Physical Nature of the Job:
Sedentary work: Exerting up to 10 pounds of force occasionally in carrying, lifting, pushing, pulling objects. Sitting most of the time, with walking and standing required only occasionally.