Security Engineer
Limelight Health
The Security Engineer will collaborate with teams to design fine-grained technical controls around access to sensitive datasets and ensure their compliance with the regulatory requirements while providing strong technical support, enabling technical decisions to be made with confidence and at pace.
This role generally works a standard business week, but occasional weekend work / out of hours may be required.
Responsibilities (Other duties may be assigned.)
-
Carry out Host-Based Vulnerability Assessments
-
Drive the remediation of identified vulnerabilities across multiple departments.
-
Responsible for monitoring and responding to alerts
-
Support incident response in case of a security breach
-
Support and continuously enhance our existing security services for Cloud
-
Collaborate across multiple teams to remove blockers to drive forward implementation
-
Work with internal and external support teams
Education and/or Experience
-
College degree or equivalent work experience
-
7-10 years in Information Technology, with a comprehensive Security Operational background
-
Experience with security frameworks (NIST, MITRE, CIS, ISO & SOC2)
-
Hands-on experience with the configuration of cloud technologies
Knowledge, Skills and Abilities
-
Extensive knowledge of cloud operations and automation
-
Extensive knowledge of key security practices in access control, application security, network security, and security strategy
-
Knowledge of regulatory data requirements in the cloud, aligned with HIPAA, GDPR or other compliance standards
-
Basic understanding of containerization technology
-
Have a strong knowledge of privileged access management, vulnerability management, and threat intelligence
-
Build multilayer working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism
-
Strong root cause analysis, problem-solving, and analytical skills
-
Excellent communication and analytical skills for incident and problem management as well as stakeholder management
-
Ability to effectively document operational process and procedures
Technical Skills
-
Basic understanding of DevOps tools (GitHub, Jenkins, Nexus, Ansible, etc.)
-
Basic understanding of SecOps tools (Rapid 7, Cloud Conformity, SUMO Logic, etc.)
-
Excellent understanding of Amazon Web Services (AWS) the AWS shared responsibility model, KMS, CloudTrail, CloudWatch, CloudFormation ,Lambda and GuardDuty
-
Extensive knowledge of SIEM and SOAR tooling
-
Proficient in Linux, Node.js, YAML and JSON
Language Skills
-
Ability to speak the English language proficiently, both verbally and in writing.
Travel Requirements
-
This position may require up to 10% travel based on business need.
Work Environment
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
-
Employee works primarily in a home office environment.
-
The home office must be a well-defined work area, separate from normal domestic activity and complete with all essential technology including, but not limited to; separate phone, scanner, printer, computer, etc. as required in order to effectively perform their duties.
Work Requirements
-
Compliance with all relevant FINEOS Global policies and procedures related to Quality, Security, Safety, Business Continuity, and Environmental systems.
-
Travel and fieldwork, including international travel may be required. Therefore, employee must possess, or be able to acquire a valid passport.
-
Must be legally eligible to work in the country in which you are hired.
FINEOS is an Equal Opportunity Employer. FINEOS does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.