Senior Information Security Engineer

Job Summary

The Information Security Engineer is responsible for security architecture, endpoint security, network security, the secure configuration of systems, and access control. This position requires a thorough understanding of current and emerging threats and technologies. In addition, this position is responsible for designing and deploying information security technologies to directly support the organization’s efforts in securing the company’s information and enforcing directives as mandated by regulations and Masimo policy.

Duties & Responsibilities

• Serve as subject matter expert on various special projects and initiatives within the organization;
• Leads the planning, design, documentation, and engineering of security solutions across the enterprise;
• Perform security review activities for applications, networks, servers, and databases to ensure secure deployments;
• Monitor or manage IDS/IPS, firewalls, anti-malware tools, DLP, and other security solutions;
• Promote acceptance of security technologies within the organization, balancing business goals, security controls, and customer usability;
• Design, review and update information security policies, standards, procedures, and other related documentation;
• Investigate Information Security related incidents as reported to the organization or identified with our security tools;
• Perform root-cause analysis on Information Security related incidents and updates procedures or other controls to stop/mitigate future incidents as well as determine and implement enhancements to improve security in the future;
• Solve complex security-related problems and take a broad perspective to identify strategic solutions;
• Promote security awareness and provide training/communications to internal end-users;
• Maintain broad knowledge of best practices and stay informed on trends and issues in the field of Information Security, including current and emerging technologies;
• Perform all other duties as assigned;

Minimum Qualifications

• Strong knowledge of information security products and implementations, with an emphasis on design in the areas of networks, servers, endpoints, applications, databases, and integration;
• Strong knowledge regarding common attacks, attack methods, and defense architectures;
• Strong knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security;
• Strong knowledge of network and host-based intrusion detection systems and architecture;
• Familiarity with common Information Security frameworks and standards and compliance and regulations such as ISO 27001/27002, NIST, PCI DSS, HITRUST, HIPAA, HITECH, etc.;
• Experience with Information Security Policy and Procedure development and implementation;
• Understanding of risk management principles and methodologies;
• Excellent written and verbal communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences;
• Must be organized, detail-oriented, deadline-driven, and able to handle multiple responsibilities in a fast-paced environment;
• Ability to collaborate in a team setting, as well as work independently;
• An understanding of organizational mission, values, and goals and consistent application of this knowledge;

Preferred Qualifications

• Ability to collaborate in a team setting, as well as work independently;
• Experience with vulnerability scanners and penetration tools;
• Identity & Access Management (IAM) experience;
• Cloud security experience;
• Identity & Access Management (IAM) experience;
• CISSP (Certified Information Systems Security Professional) or other related information security certifications preferred;

Education

• Bachelor’s Degree in Computer Science, Engineering, Information Security, or related field of study or equivalent work experience. Master’s degree a plus.
• 5+ years of related work experience in information security or an equivalent combination of education and work experience.
• 7+ years progressive work experience in information technology/security overall.

About Us

For over thirty years, Masimo has been expanding the boundaries of noninvasive monitoring to improve patient outcomes and reduce the cost of care. Today, Masimo delivers a portfolio of hospital-trusted monitoring solutions to help increase patient safety, health, and wellness in the hospital and at home. When you join our team, you’ll be part of a culture that’s driven by passion, challenging the status quo, and making an impact in the lives of others.OrganizationInformation Technology (IT) oversees the company’s hardware, software, and networking of computers. In addition, the staff assists with providing technical support and training to all of Masimo’s computer users.