The Security Engineer will perform in a Lead role for a cross-functional team comprising Security Architecture & Engineering, Risk Management and Security Operations in one or more of the following service areas: Access Management, Data Protection, Device Security, Secure Configuration and/or Vulnerability Management.  Will partner closely with InfoSec Management and Security Architects to drive a roadmap of projects and initiatives across their respective service area(s).

Competencies and Knowledge:
 

·       Demonstrated experience in management of Security incidents including processes and procedures, security incident response teams, and providing management status and/or reports.

·       Familiarity with Security industry best practices (HIPAA, ISO, NIST, etc.).

·       Familiarity in industry standard tools and technology, which may include application development languages and packages, client/server systems, security (firewalls/encryption products), Web servers and applications, and various third-party utilities and tools for integrating applications with databases and legacy systems.

·       Demonstrated ability to obtain relevant information, assess validity, and recommend the best solutions to complex business problems.

·       Ability to express complex technical concepts in terms that are understandable to the business and simultaneously ensure confidentiality.

·       Must be able to work effectively with other team members across the IT organization, management, and business customers. Demonstrated ability to be flexible when changes in work are introduced and be focused on finding solutions to meet the business needs.

·       Able to work with general direction; manage own workload, resolve conflicting priorities, and deliver on commitments.

·       Must be able to effectively adapt to rapidly changing technologies and methodologies and apply them to technological and/or business needs.
 

Responsibilities:
 

·       Report on security metrics around vulnerabilities, viruses, email spam, malware, patch levels, etc.
Provides reports and metrics on the health and welfare of Security within Cambia to the CISO.

·       Responsible for the planning, design, enforcement, and review of technology events to help ensure compliance with security policies, standards, and procedures under appropriate management guidance.

·       Establishes security standards for configuration of security devices; reviews new and existing operating and application systems, and network implementations for appropriate information protection.
 

·       Establishes and monitors appropriate security safeguards within corporate information systems and networks across all computing platforms.

·       Provides leadership, process and procedures for Security incident management

·       Maintains knowledge of changing technologies, provides recommendations and feedback on adaptation of new technologies or policies.

·       May be primary person responsible for Vulnerability Management Program, including vulnerability assessment and mitigation facilitation.

·       Have a broad range and expert knowledge of security assessment tools and manual security testing techniques.

·       Broad knowledge of cyber security threats and techniques used by adversaries to compromise systems – both technical and non-technical techniques.

·       Identify, collect, preserve, and analyze electronic information relevant to a case, incident or event of interest.
 

Education and Experience:

·       Bachelor’s degree in Computer Science, Mathematics, Business Administration, or a related field. 8+ years of experience designing, implementing, and operating security technologies such as endpoint protection, vulnerability scanners, network firewalls, identity and access management, penetration testing, and intrusion detection/prevention.

·       3+ years of experience delivering training for security operations staff

·       8+ years of experience creating security policies, standards, or procedures.

·       1 year of experience as a technical team leader or technical manager; or equivalent combination of education and experience.

·       CISSP or other security-related certifications are preferred.

About Motus Recruiting and Staffing, Inc:

Founded in 2006, Motus is an award-winning recruiting and staffing firm in the Pacific Northwest, specializing in professional services and technology solutions. We are a group of people who not only recognize the importance of representation, but actively fight for diversity, equity, and inclusion in the recruitment process. Our goal is to educate organizations on the importance of DEI when hiring, promoting, and supporting diverse employees. We are calling organizations to demonstrate their commitment to DEI by being intentional about who they hire.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, citizenship, disability or protected veteran status.

IT 8772