Job Details

Position Summary:

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations.

Technical Implementation:

1. Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools.
2. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points.
3. Configure, administer, and secure Active Directory and Azure AD environments.
4. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions.
5. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection.
6. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture.

Security Operations:

1. Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation.
2. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts.
3. Lead technical response efforts during security incidents or breaches in coordination with the incident response team.
4. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access.
5. Conduct routine vulnerability assessments and threat analysis to support continual improvement.
6. Perform digital forensics and incident response activities as needed.

Compliance:

1. Ensure adherence to HIPAA and all applicable regulatory and security standards.
2. Design and implement technical safeguards that protect sensitive information and support organizational objectives.

Collaboration:

1. Partner with IT and business teams to embed security controls into systems, applications, and workflows.
2. Educate and support staff on cybersecurity awareness, best practices, and evolving threats.

Documentation:

1. Create and maintain accurate documentation for security configurations, procedures, and incident activity.
2. Remain informed on current cybersecurity trends and recommend enhancements to existing controls.

Security Audits:

1. Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards.

Security Standards and Policies:

1. Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements.

Security Infrastructure Maintenance and Monitoring:

1. Configure, troubleshoot, and maintain security-related hardware and software.
2. Implement and manage monitoring tools to detect intrusions and potential security breaches.

Security Strategy Development:

1. Support the planning, execution, and ongoing refinement of the organization's information security strategy.
2. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives.
3. Perform additional duties as assigned.

Minimum Education:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required.

Minimum Experience:

Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment.

Certifications:

Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.