at NorthShore University Health System in Arlington Arlington Heights, Illinois, United States
Job Description
Position Highlights:
Position: Security Engineer III - Crowdstrike EDR
Location: 4901 Searle Parkway, Skokie IL
Full Time
Hours: Monday-Friday, 8am- 4:30pm
Hybrid work
On call rotation
A Brief Overview:
As the Security Engineer III at Endeavor Health, you will be responsible for enhancing Cybersecurity and safeguarding the organization's data and resources primarily through remote work. This role involves managing a CrowdStrike EDR System, documenting, and refining security procedures, conducting system reviews to ensure compliance with security requirements, execute risk management and governance tasks, or leading security incident response activities. The Security Engineer III will also design and implement security policies for various devices and systems, oversee security for internal and external systems, and mentor junior staff. Candidates should be proficient in using advanced security tools. Responsibilities extend to participating in compliance audits, managing cybersecurity projects, and ensuring alignment with HIPAA, other applicable laws and regulations and/or standards. This mostly remote role may include a 24/7 on-call rotation and requires strong leadership, project management, and communication skills.
To be successful in this role, you will be expected to stay up to date on the latest solutions and technologies and advocate for the adoption of industry best practices.
What you will do:
Manage a CrowdStrike EDR System to fully leverage capabilities across our system and implemented according to best practices.
Work with application teams to ensure their application or system will work with CrowdStrike, while following best practices defining exclusions.
Document and refine procedures and techniques used by the Information Security and other teams.
Measure and report organization's security capabilities using automated and manual tools.
Research and test security tools pertaining to tactical or strategic plans.
Perform activities as outlined in the security incident management procedure.
Review logs from security tools, including IPS/IDS, secure email gateway, data loss prevention system, content proxy, vulnerability assessment tools, antivirus, etc.
May visit specific sites to identify cyber security vulnerabilities and report on findings.
Socializes strategies, standards, policies, procedures, communications, and awareness efforts with business partners.
Participates in reviews of new or existing systems to ensure security requirements are satisfied, prior to implementation, including Risk Assessment.
Assists with system-wide compliance of the HIPAA Security and Privacy rules and other appropriate standards, audit requirements, works with internal audit staff to conduct regular tests and audits. Assists with external security assessments and penetration tests, and other activities.
Designs policies as required for security devices, including IPS/IDS, antivirus, and vulnerability management tools.
May oversee internal or external systems security (i.e., cloud services).
Lead security incident response activities.
Mentor and train junior staff on the effective use and management of security tools.
Design comprehensive security measures, integrating new technologies and methodologies.
Manage multiple cybersecurity projects.
Expert in one or more specialized areas
Proficient in the use of 4 or more advanced security tools and mastery in at least one tool.
What you will need:
Minimum Education Required
Bachelor's degree
Minimum Certification Requirements
One certification with a focus on security.
Minimum Work Experience
Minimum two (2) years managing a CrowdStrike system
Minimum eight (8) years combined IT/ Cybersecurity experience.
Previous experience with ability to lead, support, and document two applications.
Previous experience leading security initiatives.
Demonstrated in-depth knowledge of information security principles, practices, and solutions.
Demonstrated understanding of advanced security protocols and standards
Leadership and project management skills.
Experience with desktop, server, network, and application security teams
Proven communication, customer service, and organizational skills
Experience with common security testing methods and tool sets such as email security, data loss prevention (DLP), IDS/IPS, EDR, anti-malware, and proxy tools
Previous experience with HIPAA, ITIL, NIST, and Project Management
Benefits:
Career Pathways to Promote Professional Growth and Development
Various Medical, Dental, Pet and Vision options
Tuition Reimbursement
Free Parking
Wellness Program Savings Plan
Health Savings Account Options
Retirement Options with Company Match
Paid Time... For full info follow application link.
EOE: Race/Color/Sex/Sexual Orientation/ Gender Identity/Religion/National Origin/Disability/Vets, VEVRRA Federal Contractor.