Security Engineer

  • Cambridge Health Alliance
  • Somerville, MA, United States
  • Nov 23, 2022

Job Description

Location: CHA Somerville Campus 

Work Days: 8-5 M-F  

Category: Information Technology  

Department: IT Client Services  

Job Type: Full time  

Work Shift: Day 

Hours/Week: 40.00 

Union: No 

Union Name: Non Union

DEPARTMENT DESCRIPTION:

Your colleagues are a progressive, innovative, fast-paced and dynamic information technology, health information management, library and training team supporting a vibrant health system that serves everyone in need.   

Summary:
• Work closely with Systems and Network engineering teams on the design, development, and operation of secure online services
• Maintain MS Exchange environment in a secure and highly available manner
• Acting as an internal advocate and resource on securing CHA data, systems, applications and networks in accordance with security best practices Evaluate new and emerging security technologies, features, and products
• Perform security incident response and forensics investigation activities
• Perform various IT system support and system administration tasks as needed


Key Responsibilities:

  •  Ability to work independently and efficiently to meet deadlines
  •  Expertise in network security including firewall configuration, network intrusion detection systems, Virtual Private Networking, DNS, etc. Experience with host and network based security across multiple architectures and platforms (Wintel, Unix/Linux, Mac OS X, Mobile, Wireless etc…)
  •  Strong understanding of encryption and authentication technologies
  •  Network/Application security vulnerability assessment and management experience (e.g., Nessus, Qualys, Foundscan, AppScan, Palo Alto)
  •  Experience in network traffic analysis, packet capture and analysis. Good understanding of Layer 2 and 3 routing and switching protocols
  •  Knowledge of and ability to exploit attack vectors such as SQL injection, XSS, CSRF, session-hijacking (experience using frameworks such as Metasploit/Core Impact, etc. desirable )
  •  Knowledge of cloud computing concepts and application security architecture
  •  Proficiency in multiple scripting languages (e.g., bash, PERL, Python, PowerShell, Ruby)
  •  Excellent communication (oral and written), interpersonal, organizational, and presentation skills with an ability to represent complex data in executive level graphical reporting dashboards. Knowledge of regulatory requirements and ability to implement technical aspects, HIPAA and HIPAA-HITEC and other compliance standards where applicable.
  • Knowledge of security industry standards such as ISO, NIST and FISMA

   

Minimum Qualifications:

Education/Training:
Bachelor's degree in engineering, computer science or a related field is required. An advanced degree in computer science, engineering or equivalent experience is preferred.
Certifications: Security and Technical Certifications: Security+, CISSP or equivalent
Work Experience: 4-6 years of directly related experience.

 
In keeping with federal, state and local laws, Cambridge Health Alliance (CHA) policy forbids employees and associates to discriminate against anyone based on race, religion, color, gender, age, marital status, national origin, sexual orientation, gender identity, veteran status, disability or any other characteristic protected by law. We are committed to establishing and maintaining a workplace free of discrimination. We are fully committed to equal employment opportunity. We will not tolerate unlawful discrimination in the recruitment, hiring, termination, promotion, salary treatment or any other condition of employment or career development. Furthermore, we will not tolerate the use of discriminatory slurs, or other remarks, jokes or conduct, that in the judgment of CHA, encourage or permit an offensive or hostile work environment.