CYBER SECURITY ENGINEER 2

Updated: about 1 year ago
Location: Seattle, WASHINGTON
Deadline: Open Until Filled

A higher degree of healthcare.

All across UW Medicine, our employees collaborate to perform the highest quality work with integrity and compassion and to create a respectful, welcoming environment where every patient, family, student and colleague is valued and honored.

UW Medicine’s IT Services department has an outstanding opportunity for a Cyber Security Engineer 2!

UW Medicine’s Information Technology Services (ITS) department is a shared services organization that supports all of UW Medicine.  UW Medicine is comprised of Harborview Medical Center (HMC), UW Medical Center-Montlake (UWMC-Montlake), UW Medical Center-Northwest (UWMC-NW), Valley Medical Center (VMC), UW Neighborhood Clinics (UWNC), UW Physicians (UWP), UW School of Medicine (SOM) and Airlift Northwest (ALNW).  In addition, UW Medicine shares in the ownership and governance of Children’s University Medical Group and Seattle Cancer Care Alliance (a partnership between UW Medicine, Fred Hutchinson Cancer Research and Seattle Children’s).  ITS is responsible for the ongoing support and maintenance of the infrastructure and applications which support all of these institutions, along with the implementation of new services and applications that are used to support and further the UW Medicine mission.

In collaboration with UW Medicine IT Services (‘ITS’) and under the general guidance of the Information Security Manager, the primary focuses of the Cyber Security Engineer 2 (‘Engineer’) position are:
• collaborating with fellow cyber security engineers and analysts to conduct vulnerability assessments, threat intelligence, and incident response activities across UW Medicine, with our partner organizations (SCCA, UW Campus, etc.) and vendors;
• designing, developing, and implementing security tools and configuration baselines, drawing from industry requirements and frameworks such as HIPAA, HITRUST, and NIST;
• executing incident response activities and conducting digital forensics investigations on UW Medicine assets, including reporting;
• configuring various scans, engaging with system owners for resolution, processing false positives and assisting with risk acceptance; and
• utilizing a variety of threat sources including raw data, log information, reports and bulletins, and collaborations with both internal and external partners to develop threat profiles for UW Medicine information assets.

RESPONSIBILITIES

Enterprise Threat Prevention, Detection, Management, and Incident Response (45%)
• Provide expert or specialized information security services related to threat prevention, detection, management, and incident response.
• Engineer, configure, test, and implement information security products and solutions within the existing security services portfolio.
• Respond to cyber-security intrusions and conduct digital forensic analysis, investigations, and investigative reporting.
• Conduct post-event follow-up activities related to information security incidents.
• Maintain awareness of known and emergent vulnerabilities related to UW Medicine's technology deployments and use, and convert insights into actionable use cases and detection methodologies.

Security Consulting and Technical Security Services (30%)
• Provide expert or specialized information security services related to the security of UW Medicine information security/technology infrastructure.
• Deliver security consulting and technical services to technical, hospital, business, operations and vendor staff and teams concerning implementation of UW Medicine security standards, processes, and NIST 800-53 “best practices” on secure system design and risk mitigation strategies.
• Design and implement recommendations to operational teams implementing and maintaining UW Medicine information security/technology infrastructure.
• Advise the enterprise on the secure design of technical solutions, applications, and network architecture.
• Deploy approved security tools in accordance with formal policies and procedures to assess the vulnerability of the UW Medicine workforce and/or assets to general and specific threats.

Security Education and Outreach (10%)
• Provide expert or specialized information security services related to information security policies, standards, and procedures.
• Review security controls, information systems, and business practices for violations of information security policies, standards, or regulatory requirements.
• Develop and deliver information security training, education, and awareness, and conduct outreach activities, as required.
• Represent the Information Security team at technical advisory groups and project meetings, and provide transparent reporting on relevant issues and statuses.
• Maintain collaborative relationships with Office of CISO staff and other stakeholders (including government and private sector organizations) engaged in the sharing and dissemination of threat information.

Risk Management, Threat Assessment, and Security Analysis (10%)
• Support team efforts to document and report information security risks to UW Medicine.
• Support team efforts to develop, propose, or monitor organizational risk acceptance, mitigation, or remediation activities in accordance with established procedures and ensure risks are updated with relevant information and escalated to leadership when required.
• Support team efforts to ensure security risk assessments align with best practices, standards, and frameworks such as NIST, PCI, and OWASP.
• Support team efforts to evaluate significance of threats to UW Medicine's risk posture.
• Support team efforts to integrate computer and software vulnerability findings into enterprise risk management program.

Other (5%)
• Participate in all aspects of improving the team, including education/training of other team members and contributing to process/communication improvement initiatives.
• Work with manager to set professional goals for career development.
• Act as back-up for other team members and functions, as needed.

REQUIREMENTS

Bachelor’s Degree in Computer Science, Information Technology, Engineering, or related field or equivalent combination of education/experience.

3+ years’ experience must include:
• 3+ years’ information security experience to include experience in one or more of the following areas: Security Engineering, Security Operations, Security Analysis, Security Project Management, Security Architecture, implementing security best practices, tools and technologies.
• Strong work experience independently designing, implementing, or maintaining security tools (including threat detection tools or vulnerability management scanning systems).
• Strong work experience independently performing security assessments, security control analyses, vulnerability assessments, or penetration tests.
• Strong understanding of, and demonstrated experience with, security-related technologies, systems, and tools used for the protection of computer networks and information.  Strong understanding of information security threats and vulnerabilities and how they translate to risks.
• Strong understanding of leveraging monitoring tools to review and analyze operating system outputs such as authentication logs.
• Demonstrated application of common information security regulations and/or standards such as NIST 800-53/CSF, ISO 27001/2, HIPAA, PCI DSS, and SOC.

DESIRED

• Advanced degree (e.g., Master’s, PhD, etc.)
• Previous experience in and knowledge of academic healthcare systems and/or operational environments.
• One or more of the following certificates: GIAC, CISA, SSCP, CEH, Security+.
• Knowledge of common health care workflows.
• Experience designing, implementing and maintaining tools related to security information and event management, intrusion protection, security architecture, or cloud security.
• Familiarity with major technology products commonly used in large healthcare systems, such as Epic.

CONDITIONS OF EMPLOYMENT


