IT Security Operations Engineer

Job description
• Requisition no: 522946
• Work Type: Full Time
• Location: Campus|Medical Center
• School/Department: null
• Categories: Information Technology
• Job Type: Officer of Administration
• Regular/Temporary: Regular
• Hours Per Week: 35

Position Summary

The Information Security Operations Engineer will report to the Information Security Operations Manager within the Information Security Office (ISO). The role is responsible for monitoring and evaluating data from SIEM (Security Incident and Event Management) systems in order to promptly identify, evaluate and respond to information security incidents impacting Columbia University Irving Medical Center.

The role will: contribute to security systems design, provide programming support, draft incident reports; contribute to the collection and analysis of data to provide accurate and useful security metrics, vulnerability management and threat modeling; interact with CUIMC technical resources and other key stakeholders to facilitate coordinated security operations between central and distributed IT; and assist in thought leadership activities which promote greater awareness of information security leading practices. On-call hours are required for all operations staff.

Responsibilities
• Monitor and evaluate data from security event information feeds and ticketing systems in order to promptly identify, evaluate, triage and respond to information security incidents impacting Columbia University Irving Medical Center as part of the Incident response program 25%
• Work with IT resources and other key stakeholders around CUIMC to facilitate coordinated security operations around vulnerability management, pen-testing, baseling 20%
• Participate in incident handling and response including possible off-hours response 15%
• Contribute to the security systems design process and projects as a programming resource 15%
• Prepare accurate and useful security metrics, based on event feeds and ISO activity, threat intelligence and other analysis 10%
• Draft technical documentation, incident reports, communications to other technical staff 5%
• Assist in security thought leadership activities which promote greater awareness of information security leading practices 5%
• Other duties as required 5%

Minimum Qualifications
• Requires a bachelor’s degree or equivalent in education, training and experience, plus three years of related experience

Preferred Qualifications
• Relevant work experience either in applications development, IT operations, incident management in healthcare, research, institutes of higher learning, and corporate environments. Evidence of current technical skills is strongly favored.
• Understanding of the CVSS, CVE , MITRE, Device Benchmarking, security frameworks as well as threat and vulnerability management workflows.
• Experience in information security technical vulnerability testing using Nexpose, AppSpider, NMAP, and other tools.
• Experience in network and applications security.
• Experience in securing, monitoring, and operational incident response on web applications, SMTP email services, and other critical IT services.
• Must be a clear technical writer capable of producing technical documentation, incident reports, and information security awareness materials.
• Ability to understand and work with healthcare professionals, educators and researchers.
• Ability to work independently with minimal supervision as well as be creative and innovative at conducting a high volume of risk analyses while reporting accurate and relevant risks to the appropriate constituents.
• Experience working in a HIPAA/HITECH/OMNIBUS-regulated environment. Functional knowledge of other relevant compliance regulations (PCI, FERPA, Data Breach Acts, FISMA) and security standards (HITRUST, PCI-DSS, ISO 27001/2, NIST). Experience working in an academic medical center or hospital environment a plus.
• The ideal candidate will understand the development of Information Security systems, the security issues of application development generally, and the security and development issues involved in integrating an environment of multiple complex systems.
• General experience in application installation, configurations, and deployments in enterprise environments.
• ISACA, ISC2 , or any relevant GIAC or industry recognized Security certifications highly preferred.

Other Requirements
• Rotating On-Call coverage, on nights and weekends, is required for this position
• Subject to business needs, we may support flexible and remote work arrangements. Options will be discussed during the interview process
• Experience in designing, building and deploying automation to scale for vulnerability discovery efforts and device security compliance.
• Strong Knowledge in security systems design process and technical mitigation.
• Relevant soft skills to influence a cross functional team to accomplish goals
• Knowledge across different IT verticals and ability to evaluate, deploy and apply security IT principles to new technologies.

Equal Opportunity Employer / Disability / Veteran

Columbia University is committed to the hiring of qualified local residents