Consultant Cyber Security EngineerLouisville, Kentucky
A well-qualified candidate will be responsible for the analysis and response to 3rd level security events. This will require knowledge for working information security alerts though the use of a Security Information and Event Manager (SIEM) to triage, mitigate, and escalate issues as needed while capturing essential details and artifacts. On-call responsibilities will be required. The candidate will need to demonstrate proficiency with the tools and processes mentioned in the Knowledge/Skills/Abilities section.
Act as liaison with solution owners and IT groups to ensure understanding of security principles
Possess strong analytical, collaborative, problem solving, organizational and planning skills
- Possess strong written and oral interpersonal skills
Collaborate with members of the Kindred Information Security department, application owners, software architects, and administrators.
Ability to keep CISO and senior executives informed of security incidents and answer security related questions/concerns of senior executives in clear, concise, understandable manner.
- Ability to work independently as needed.
Ensure that all solutions set up for security and monitoring can effectively monitor and report upon security events happening within the environment
Stay informed on attacks and vulnerabilities on all types of systems, including all Microsoft Windows system, AIX, Linux, Cisco IOS, Apple OS X and audit compliance of Vulnerability Management Program
Make recommendations for changes to the environment that can help in the removal of vulnerabilities and reduction in the risk of exploitation that may result in potential incidents
Initiate and produce custom scripts needed to make logging and alerting requirements easy and effective
Architect, design, implement, maintain and operate information system security controls and countermeasures.
Analyze and recommend security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
Monitor information systems for security incidents and vulnerabilities; develop monitoring and visibility capabilities; report on incidents, vulnerabilities, and trends.
Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
Analyze and develop information security policies, procedures, standards, baselines and guidelines with respect to information security.
Assess, plan, and enact security measures to help protect an organization from security breaches and attacks on its computer networks and systems.
Oversee penetration tests and vulnerability scans to identify vulnerabilities, and consulting with technical teams on remediation of identified vulnerabilities.
Evaluate, test, and recommend security software to help protect the company’s data
Develop and conduct table top exercises testing the incident response plan
- Healthcare experience is preferred
- Excellent written and verbal communication skills
- Possess a high level of technical knowledge of security platforms including:
- Palo Alto Next Generation firewalls
- Sourcefire IPS/Sourcefire AMP
- Cisco ASA firewalls
- Proofpoint email protection
- Carbon Black Response
- Qradar SIEM
- Netskope CASB
- Symantec DLP
- Investigate security incidents through log analysis, interviewing, evidence collection and preservation, and forensics.
- Utilize sensor data and correlated logs containing IDS/IPS, Antivirus, Windows events, web, and similar data to establish context and Identify false-positives and false-negatives.
- Perform security analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, Mac Operating System (OS), UNIX, Linux, and mainframes
- Candidates will be expected to have enough familiarity with security systems and principles, and be able to function interchangeably within a team of engineers to support a cross functional approach within a highly complex and interconnected networked environment.
- Utilize sensor data and correlated logs containing IDS/IPS, Antivirus, Windows events, web, and similar data to establish context and identify false-positives and false-negatives.
- Perform analysis on hosts running on a variety of platforms and operating systems, to include, but not limited to, Microsoft Windows, Mac Operating System (OS), UNIX, Linux, and mainframes
- Candidates will be expected to have enough familiarity with multiple systems that they can function interchangeably within a team of engineers and support a cross functional approach to resolving issues within a highly complex and interconnected networked environment.
- Bachelor's degree in computer science, information systems, cybersecurity or a related field.
- Relevant experience may be substituted in some cases
- Desired: Certifications such as: CISSP Security Essentials – SEC401 GIAC GCIH/GCIA Hacker Guard: Security Baseline Training – SEC464 CEH
- 5+ years of experience in a cybersecurity discipline at a senior level.
- Experience working security events as a cybersecurity engineer events in a team environment.
- Review of network controls such as firewall rules.
- Ability to consult with IT stakeholders as needed
Sign up for Job Alerts
Get the latest job openings based on your interests, skills and background sent directly to your inbox.
Connect with Our Recruiters
Share some preliminary info about yourself and we will contact you to discuss your interests and career and future opportunities.