Infrastructure Network Security Engineer

Information Systems Worcester, Massachusetts


Description

Position at UMass Memorial Health

Everyone Is a Caregiver.

At UMass Memorial Health Care, Everyone is a Caregiver regardless of title. Exceptional patient care, academic excellence and leading-edge research make UMass Memorial the premier health care system of Central and Western Massachusetts, and a place where we can help you build the career you deserve. We are more than 14,000 employees, working together as one health care system. And everyone, in their own unique way, plays an important part, every day.

Requisition # 220410

Title: Infrastructure/Network Security Engineer 

Department: Information Systems

Location: UMass Memorial Health, 100 Front St, Worcester, MA

Position Summary:

This position is a key contributor supporting the organization as a member of the Architecture, Engineering, and Incident Response group within Information Security. The role is a subject matter expert in the areas of network & infrastructure security. This position is a hands-on engineering role with technical management responsibilities as needed.

Major Responsibilities:

  • Mitigates the organization’s exposure to cybersecurity attacks through engineering, installation, and management of a Security Information and Event Management (SIEM) system.
  • Monitors systems/network for security breaches/intrusions using the SIEM system to audit and maintain security controls to ensure compliance with regulatory policies. Identifies any weaknesses and recommends enhancements to existing monitoring and security operations.
  • Participates in the deployment and operation of information security systems, including integration, testing, troubleshooting, and updating/upgrading of various security tools and appliances.
  • Develops signatures for Indicators of Attack (IoA) and Indicators of Compromise (IoC) to enhance the capabilities of existing technical controls or the cleanup required for affected systems.
  • Participates in full stack risk assessments including architecture, implementation, integration, and user related risk vectors.

Position Qualifications:

License/Certification/Education:

Required:

  • Bachelor’s degree in Computer Science or related field
  • Certified Information Systems Security Professional (CISSP) required (or ability & commitment to obtain within 2 years).

Preferred:

  • Master’s degree
  • Certified Information Security Manager (CISM) certification, Certified Information Systems Auditor (CISA) certification, or SANS/GIAC (Global Information Assurance Certification) (multiple disciplines apply)

Experience/Skills:

Required:

  • Minimum of 8 years of experience in information technology network services and security
  • Experience utilizing, tuning, maintaining, and extending commercial SIEM solutions
  • Well versed in the open systems interconnection (OSI) model with proven expertise and subject matter ownership of layers 1-4.
  • Experience with initial deployment, resource tuning, asset/network profiling, and configuration of JavaScript Object Notation (JSON) and proprietary application program interface (API) facilities.
  • Experience in the creation and analysis of NetFlow, packet capture (PCAP), and other packet data formats and identifying root cause (patient zero) source, propagation routes, vectors, and mechanisms from PCAP data to contain an ongoing issue or quantify resulting damage.
  • Proficient in attribute disambiguation, context, and event timeline creation using standard open source and commercial tools.
  • Ability to enhance the efficacy of technical controls (AV, APT, FW, et al.) through the use of STIX, TAXII, and CybOX intelligence sharing mechanisms.
  • Working competency in the use of standard scripting languages such as Python, Perl, Go, et al.
  • Experience working with large data sets using standard tools and methodologies and with data visualization applications and tools such as DAVIX and Tableau.
  • Expertise presenting data and resulting analysis in a clear and concise manner to technical, business, and legal audiences.
  • Demonstrated effective verbal and written communication skills.

Preferred:

  • Experience with open source platforms such as Elasticsearch
  • Experience with YARA

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Standards of Respect: