As the leader of rehabilitative care, Encompass Health offers both facility-based and home-based patient care through its national network of rehabilitation hospitals, home health agencies, and hospice agencies that spans 42 states and Puerto Rico. Setting the standard for providing excellent care, Encompass Health has earned its place among Modern Healthcare’s “Best Places to Work in Healthcare” and the Fortune “World’s Most Admired Companies” for 2021.
POSITION PURPOSE
The Senior Security Administrator position is a hands-on security controls administrator role that requires technical experience in security product administration, cyber threat analysis and, an inquisitive desire to investigate security related anomalies. This person is responsible for a broad range of tasks, including the day-to-day administration of security devices, cyber alert response and to hunt, analyze, then solve security related challenges. This position will be responsible for administering firewalls, proxies, IPS, and other security controls along with threat analysis process development. Ability to work and problem solve with other IT teams is essential along with strong communication skills in taking complex problems and collaborating with others to develop solutions.
RESPONSIBILITIES AND TASKS
- Respond to and, where appropriate, resolve or escalate reported security incidents.
- Monitor system logs, SIEM tools, and network traffic for unusual or suspicious activity. ― Interprets such activity and makes recommendations for resolution.
- Investigates/resolves security violations with postmortem analysis to illuminate issues/solutions.
- Prioritizes change tickets, provides risk adjusted responses, and applies configuration changes.
- Researches threats, vulnerabilities, and security controls configurations.
- Takes action to mitigate threats and remediate, through security control configuration changes.
- Performs system security administration on designated technology platforms.
― Administers operating systems, applications, and network security devices.
― Complies with defined policies, standards, and procedures of the organization, as well as with industry best practices and vendor guidelines.
- Collects security appliance status and control statistics to produce exception/management reports.
- Assists/trains on security tools, security report preparation, and security issue resolution.
- Develops and maintains documentation for security systems and procedures.
- Researches, recommends, evaluates, and implements information security solutions.
― Aims to identify and/or protect against potential threats, and respond to security violations.
- Analyzes information from security systems to solve configuration issues and security incidents.
― Investigates firewall and proxies related issues in response to network connectivity, reported issues, and customer access requests.
― Investigates security related events, using standard network and host forensic tools and processes, to fully understand the impact of an event or incident.
― Prioritizes change tickets, provides risk adjusted responses, and applies configuration changes through the change process.
― Processes and documents events during the entire ticket lifecycle from detection to remediation.
― Acts as member of the incident response team with particular focus on security control related failures or incidents.
― Enforces adherence and implementation of IT-Security policies, IT Security standards, and guidelines.
― Documents processes for IT security operations.
― Searches the Encompass Health enterprise for security threats that are not detected by current security controls.
― Implements change control tasks within Encompass Health information security infrastructure.
― Works with other teams in the enterprise to investigate appropriate solutions for security issues.
― Works with developers in ensuring new applications adhere to approved security policies.
QUALIFICATIONS
License or Certification:
- Security+, Networking+, CISSP, or GIAC certifications recommended
Minimum Qualifications:
- Associate’s degree or Bachelor’s degree related to computer science or information security recommended
- Minimum 5 years of IT security administration experience required
- Minimum 7 years of total networking, security, or system administration experience required
- Experience with one or more of the following:
― TCP/IP problem solving
― Firewall administration
― Web proxies
― Network traffic analysis and techniques
― IDS/IPS technologies
― Windows Event log analysis
― SIEM log analysis
― Cyber threat hunting
― PCAP analysis
― Windows system administration
― Unix system administration
― Administration of routing and switching technologies
Skills and Abilities:
- Oral communication, written communication, fluency in English, active listening.
- Information ordering, deductive reasoning, social perceptiveness, time management, critical thinking.
- Ability to coordinate, analyze, observe, make decisions, and meet deadlines in a detail-oriented manner.
- Ability to work independently without continuous supervision.
- Skill in Windows and Unix system administration
- Knowledge of TCP/IP and network protocols
- Passion for Information Security
- Skill in enterprise firewall and web proxy administration
- Skill in scripting or software development/programming
- Knowledge and skill in offensive tools, techniques, and practices
BENEFITS
Enjoy competitive compensation and benefits that start day one of employment, including:
- Affordable medical, dental and vision plans provided to meet the needs of full and part-time employees and their families.
- Generous paid time off that increases with tenure.
- Tuition reimbursement and continuing education opportunities.
- Company-matching 401(k) and employee stock-purchase plans.
- Flexible spending and health savings accounts.
Address: ,
Schedule: Full-time
Job ID: 2215427
