logo inner

Senior Security Engineer

GHXOnsite

Summary:


The Sr Security Engineer/Lead Cyber Incident Response Team (CIRT) Member will play a critical role in managing and coordinating responses to cybersecurity incidents. This position is responsible for overseeing the detection, analysis, and mitigation of security threats, ensuring timely and effective incident response, and leading the organization's efforts to protect its assets from cyberattacks. The Sr Security Engineer acts as a point of contact during security events, liaises with other IT and security departments, and ensures proper procedures are followed to minimize damage and prevent future incidents.Principal duties and responsibilities:

Incident Detection and Analysis:


  • Monitor security systems and event logs to detect potential security breaches.
  • Perform detailed analysis of security incidents to determine their scope, root cause, and impact.
  • Lead investigations into complex cybersecurity incidents, such as data breaches or advanced persistent threats (APTs).

Incident Response and Mitigation:


  • Coordinate the immediate response to security incidents, including containment, eradication, and recovery activities.
  • Lead incident response teams to quickly mitigate active threats and prevent further damage.
  • Ensure the deployment of countermeasures and corrective actions to safeguard the organization.

Communication and Reporting:


  • Act as the main point of contact during active incidents, communicating status updates to executives, IT teams, and relevant stakeholders.
  • Prepare detailed incident reports, outlining actions taken and lessons learned.
  • Provide briefings to senior management on incident findings, risks, and mitigations.

Team Leadership and Coordination:


  • Lead a team of cybersecurity analysts, providing guidance, mentorship, and oversight on incident response practices.
  • Collaborate with other IT and security departments to ensure a unified approach to incident handling and remediation.
  • Organize regular incident response drills and tabletop exercises to test and improve the team's readiness.

Post-Incident Analysis and Documentation:


  • Conduct post-incident reviews to evaluate the effectiveness of the response, identify any gaps, and recommend improvements.
  • Update and maintain incident response plans and playbooks based on new threats and lessons learned from past incidents.

Proactive Threat Hunting and Vulnerability Management:


  • Lead proactive threat hunting activities to identify weaknesses or potential attack vectors.
  • Work closely with vulnerability management teams to ensure prompt remediation of security vulnerabilities.

Required Qualification


  • Bachelor’s degree in computer science or related field plus 5 years related experience, OR Master’s degree plus 3 years related experience.
  • Confirmed experience related to hands on technical focus across many areas of security engineering (Ex: Network Segmentation, firewalls, secure remote access, cloud security, IAM, PAM, EDR, DLP etc.)
  • A proven track record in developing information security policies and procedures, and successful execution.
  • Extensive knowledge of business risk, risk assessment and risk-based decision making.
  • Able to communicate security and risk-related concepts to both technical and non-technical audiences (in business terms), including executive level.
  • Ability to inspire and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals; an innovative leader, problem solver and consultant.
  • Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function.
  • Management experience with demonstrated deliveries in developing a team.
  • Excellent written and verbal communication, interpersonal and collaborative skills.
  • Experienced with contract and vendor negotiations.
  • Ability to effectively prioritize and execute tasks in high-pressure situations.
  • Knowledge of security, risk and control frameworks and standards such as ISO 27001 and 27002, NIST 800-53, HITRUST and FedRAMP.
  • Understanding of cloud, SaaS, and IoT architectures, and their implications on information security strategy.
  • Technical acumen including but not limited to: Security Engineering, IT infrastructure, cloud, application development languages, tools and frameworks, database technologies, web technologies, next gen mobile, network architecture, enterprise architecture, and directory services.
  • Security technology acumen and experience including but not limited to:
  • firewall, intrusion detection, cyber-attack tools and defenses, encryption,
  • certificate authority, web filtering, anti-malware, anti-phishing, identity and
  • access management, multi factor authentication.

SKILLS RELATED TO POSITION:


  • Cyber Security, AWS

GHX: It's the way you do business in healthcare


Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively.

Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe.

Disclaimer


Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law.

This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law.

GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.

Life at GHX

GHX is a software-as-a-service company that's reducing the cost of doing business in healthcare by automating supply chain processes and improving visibility into the products used in patient care. We've built the GHX Global Network, the world's largest community of healthcare trading partners, connecting supply chain, finance and clinical professionals with their suppliers. Our cloud-based technology makes it easier for customers to drive costs out of the healthcare supply chain. Since 2010, we've saved the healthcare industry $5+ billion. Today were expanding our solutions to further enhance data management and allow integration of clinical and business systems. The Industry We Serve Our focus is on the healthcare supply chain, through which hospitals and their suppliers buy and deliver the thousands of medical-surgical supplies that clinicians need to effectively care for patients. For most hospitals, supply chain costs are the second largest and fastest growing operational expense, so reining in these costs is imperative. Our Products and Services At the heart of GHX is the GHX Exchange, a platform that connects healthcare providers and suppliers so they can work together electronically. This helps lower costs and simplifies supply chain management by eliminating error-prone, manual order processes. GHX solutions include: An open and neutral electronic trading exchange Procurement and accounts payable automation Content, contract and inventory management Business intelligence and reporting Standards enablement and data synchronization
Thrive Here & What We Value- Fostering a diverse and inclusive workplace where everyone feels valued and supported- Committed to building a team that represents a variety of backgrounds, perspectives, and skills- Emphasis on maximizing automation, efficiency, and accuracy of business processes- Passion for a more operationally efficient healthcare supply chain- Belief in empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics, and services.- Dedicated to providing equal opportunities for qualified applicants- Believes in fostering a diverse and inclusive workplace where everyone feels valued and supported- GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.</s>
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Copyright © 2024