Security Engineer
Limelight Health
Summary
The Security Engineers will be part of a 24/7 alert monitoring team with a focus on responding to Security incidents and events. The Security Engineer will collaborate with teams to triage incidents, root cause analysis and continuous gap analysis in our threat model and ensure compliance with the regulatory requirements while providing strong technical support, enabling technical decisions to be made with confidence and at pace.
This role generally works a standard business week, but occasional weekend work / out of hours may be required.
Responsibilities (Duties may include but are not limited to)
-
Detect security events and incidents in real time through centralized monitoring
-
Conduct reviews of events, incidents, trends, industry publications and make recommendations on improvements
-
Contribute to the execution of SOC capabilities ensuring efficient and effective operation of detection and threat modelling
-
Perform analysis and response to detected events, escalating issues where appropriate
-
Create and curate Security Operations Documentation
Education and/or Experience
-
College degree or equivalent work experience
-
3-5 years in Information Technology, with a comprehensive Security Operational background
-
Experience with security frameworks (NIST, MITRE, CIS, ISO & SOC2)
-
Hands-on experience with the configuration of cloud technologies preferred
Knowledge, Skills and Abilities
-
Deep understanding and strong interest in threat intelligence trends
-
Strong root cause analysis, problem-solving, and analytical skills
-
Extensive knowledge of cloud operations and automation
-
Basic understanding of containerization technology
-
Knowledge of privileged access management, vulnerability management, and threat intelligence
-
Build multilayer working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism
-
Excellent communication and analytical skills for incident and problem management as well as stakeholder management
-
Ability to effectively document operational process and procedures
-
Adaptable to a fast-paced work environment and an ability to prioritize projects
Technical Skills
-
Basic understanding of SecOps tools (Rapid 7, Cloud Conformity, New Relic, etc.)
-
Excellent understanding of Amazon Web Services (AWS) the AWS shared responsibility model, KMS, CloudTrail, CloudWatch, CloudFormation ,Lambda and GuardDuty, and Inspector
-
Basic understanding of SIEM and SOAR tooling
Language Skills
-
Ability to speak the English language proficiently, both verbally and in writing.
Travel Requirements
-
This position may require up to 10% travel based on business need.
Work Environment
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
-
Employee works primarily in a home office environment.
-
The home office must be a well-defined work area, separate from normal domestic activity and complete with all essential technology including, but not limited to; separate phone, scanner, printer, computer, etc. as required in order to effectively perform their duties.
Work Requirements
-
Compliance with all relevant FINEOS Global policies and procedures related to Quality, Security, Safety, Business Continuity, and Environmental systems.
-
Travel and fieldwork, including international travel may be required. Therefore, employee must possess, or be able to acquire a valid passport.
-
Must be legally eligible to work in the country in which you are hired.
FINEOS is an Equal Opportunity Employer. FINEOS does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.