Security Engineer

Website eHealth

We are looking for a great Security Engineer in Gold River, CA to join our global security Operations team. The team is responsible for infrastructure security operations, which includes managing SIEM, Vulnerability scanning, Endpoint protection (Antivirus/antimalware), penetration testing, web filtering & DLP. The ideal candidate will be someone who is very passionate about security and innovative in using the right security tools to protect the company infrastructure and valuable data. Demonstrated experience with implementing security controls to meet PCI-DSS, HIPAA and HiTrust compliance frameworks is a requirement.

Job Responsibilities:

  • Evaluating new security tools and making recommendations
  • Implement new security tools and write architectural documentation
  • Work with various infrastructure, cloud and applications teams to configure security log collection into SIEM
  • Creating compliance reports and alerts for various security controls
  • Investigate security alerts and fine tune false positives
  • Configure security scans for vulnerabilities across infrastructure, cloud and applications
  • Work with various tech teams to ensure that the vulnerabilities are being patched
  • Work with external auditors to provide evidence for security controls
  • Write Standards and procedural documentation for the ongoing maintenance of the security program
  • Help troubleshoot security incidents
  • Participate in on-call rotation for security escalations
  • Work with external vendor to perform penetration testing

Requirements:

  • Bachelor’s degree in computer science, or equivalent
  • One or more security certifications like CISSP, CISM, CCSP
  • At least 5 years of experience in information technology. Most recent 2 years should be in information security
  • Experience  in cloud security and/or certification in cloud infrastructure will be a plus
  • Experience with a common security framework like HiTrust or ISO-27001 will be a plus
  • Deep understanding of security concepts around encryption, secure communications, browser security, security logging/monitoring, single signOn, IAM, Vulnerability management, web filtering proxies, data loss prevention, incident management
  • Solid understanding of how TCP/IP, SSL, PKI/certificate management, Firewalls, Secure communications & Web proxies work
  • Experience managing a SIEM solution will be a big plus

CLICK HERE FOR DETAILS

To apply for this job please visit jobs.jobvite.com.