[Remote] Security Engineer
Note: The job is a remote job and is open to candidates in USA. Outsourced HR Solutions LLC is seeking a Security Engineer responsible for securing, maintaining, and monitoring enterprise infrastructure and networking security. The role involves detecting vulnerabilities, planning remediation efforts, and implementing best practices for information security.
Responsibilities
- Manage IT Security operations
- Vulnerability detection through scanning platforms (Rapid7)
- Implementation and planning with business and engineering team of found vulnerabilities
- Remediation of vulnerabilities through multiple vectors (WSUS, GPO)
- Antivirus policy creation, reporting, and remediation on malicious files (SentinelOne)
- Plan for GPO policy upgrades to secure business operations (Active Directory)
- Audit and remediation of access permissions for NFS/NTFS systems (Shared folders)
- Adhere to best practices of securing currently used applications and platforms (MFA, Certificate)
- Coordinate with staff for deployment of remediation’s with urgent vulnerabilities (Emergency Remediation, I.E WannaCry)
- Participate in internal and external audits (HiTrust)
- Maintain or create policies, procedures, and other documentation when necessary
- Find security gaps within the infrastructure
- Development and Documentation of Security Practices
- Lead and execute projects for security
Skills
- Four-year degree or higher in Information Systems or Security, or related field or equivalent combination of work
- Very strong Hands-on experience (Required 5+ years) of computer related security experience in a technical role within Information Technology
- Advanced understanding of infrastructure. Active Directory, Exchange, Windows desktop/server OS, VMware, storage systems, DNS, firewalls
- Advanced understanding of protocols. WMI, SNMP, TLS, SSL, SMB, Cypher Suites
- Advanced understanding of securing systems and platforms through device/policy hardening
- Understanding of SSL Certificates
- Ability to communicate technical information in a clear manner, both written and verbally, to end users
- Proficient knowledge of MS Outlook, Word, Excel, Visio and PowerPoint
- Experience with HIPAA, HITRUST, HITECH, PCI, ISO 27001, ISO 27002, URAC regulations and awareness and/or experience with CMS, NIST and other healthcare industry related regulations
- Availability to work nights and weekends during (un)planned outages and other special circumstances, with 24/7 accountability
- Availability to enter on call rotation
- Previous engineering experience preferred
- CISSP, CISM, CISA, CCSP, ITIL, Security + or other related certification preferred
- Working knowledge of various Identity and Access management systems a plus
Company Overview