
Sr Security Eng - Forensics

  • Requisition no: 503812
  • Work type: Full Time
  • Location: Medical Center
  • School/Department: CUIMC IT
  • Grade: Grade 106
  • Categories: Information Technology

Position Summary

The Security Operations team is a part of the Information Security Office (ISO). The Senior Security Engineer will report to Information Security within the ISO. The candidate will be the principal information security technical resource responsible for the execution of incident response, threat monitoring, vulnerability management, and forensic investigation.


Responsibilities

  • Lead technical operations in coordinated incident response procedures as necessary, including but not limited to a) identifying and analyzing events and alerts for harm, b) executing containment actions, c) providing detailed direction to desktop analysts on eradication and recovery, d) concluding incidents with appropriate reporting and documentation, e) participating in lessons learned activities, f) synthesizing lessons learned into system design and development projects, g) leading said projects  30%
  • Administer the technical vulnerability scanning and real-time threat monitoring programs  25%
  • Lead and mentor other members of team on information systems incident response, threat monitoring, and vulnerability management  20%
  • Coordinate and lead vendor professional services and contract resources as needed to execute security monitoring, forensic, and incident operations  10%
  • Drive process improvements through the effective use of deployed systems, especially between Information Security Operations and Information Security Risk Assessment, CORE Networking, IT Help Desk, Other IT Stakeholders, and other business process owners  5%
  • Leverage experience in the field to contribute design criteria to the overall development of security standards, procedures and guidelines  5%
  • Other duties as required  5%

Minimum Qualifications

  • Requires a bachelor's degree or equivalent in education and experience, plus five years of related experience.

Preferred Qualifications

  • Requires a bachelor's degree or equivalent in education and experience, plus five years of related experience.
  • Knowledge of security standards such as HIPAA/HITECH, PCI-DSS, ISO 27001/2, NIST
  • The ideal candidate will understand the development of Information Security systems, the security issues of application development generally, and the security and development issues involved in integrating an environment of multiple complex systems.
  • Experience in information security risk assessment, preferably in an academic medical institute setting. The ideal candidate will have an in-depth understanding of the HITRUST CSF based on practical working experiences and a functional knowledge of security standards such as HIPAA/HITECH, PCI-DSS, ISO 27001/2, NIST
  • Proficiency in determining the root cause of security issues and a solid understanding of exploits and vulnerabilities
  • Familiarity with web application security vulnerabilities such as XSS, SQLi, and CSRF
  • High level of integrity, and sound judgment concerning security and privacy.
  • Good written and verbal communication skills are a must. Technical writer capable of producing technical documentation, incident reports, and risk documentation for non-technical executives.
  • Ability to understand and work with healthcare professionals, educators and researchers.
  • Ability to work independently with minimal supervision as well as be creative and innovative at conducting a high volume of risk analyses while reporting accurate and relevant risks to the appropriate constituents.
  • Strong background in information security practices with significant experience in a complex, multiplatform, higher education or healthcare IT environment.
  • Master's degree in information security and assurance or equivalent experience is desired.
  • The ideal candidate will also have formal training in Health Information Technology from a highly ranked educational institution, and SANS GCIH certification. Especially relevant experience will deal with forensic investigation using EnCase, and experience in incident response protocols, especially in a health care context.
  • Experience with information security technical tools, including Symantec DLP, BlueCoat Proxy, Cisco Firewall, Bradford, Proofpoint, FireEye, NetWitness, Nexpose, Acunetix, Nmap, and other tools.
  • Skills in wired and wireless network security.
  • Experience in securing, monitoring, and operational incident response on web applications, SMTP email services, and other critical I.T. services.
  • Technical writer capable of producing technical documentation, incident reports, and information security awareness materials. A technical writing sample and detailed cover letter demonstrating an understanding of the job are required.

Equal Opportunity Employer / Disability / Veteran

Columbia University is committed to the hiring of qualified local residents.
