Lead - Info Sec Engineer

JD - Cybersecurity L3 Specialist

The Cybersecurity Specialist is a self-starter, results-oriented, multi-disciplined, and comfortable in leading the implementation of system security solutions in a multi-vendor complex US healthcare environment. Essential for this role is the adeptness to work independently as well as part of a team with a collaborative approach to problem solving.

This role will transition from Cybersecurity Specialist Role to Cybersecurity Technical Manager (SOC Manager) or Security Architect in 24 to 36 months.

Responsibilities

Experience with monitoring, analyzing, detecting, and responding to Cyber events and incidents. Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation.

Experience in developing, documenting, and maintaining security policies, processes, standard operation procedures (SOPs) and playbook based on Incident learnings.

Hands on Experience with security tools: Security information and event management (SIEM), Endpoint Detection and Response (EDR), Antivirus, Network Full Packet Capture, NextGen Firewalls (NGFW), Network Access Control (NAC), Intrusion Detection Systems (IDS/IPS), Data Loss Prevention (DLP), Encryption, Content Filtering, Multi Factor Authentication (MFA), Vulnerability Management (VM), Insider Threat, Phishing Simulation, Mobile Device Management (MDM).

Finetune ALL security tools on a regular basis to improve identify anomalous, suspicious, or malicious activity.

Research, evaluates, designs, tests, recommendations, and plans for the implementation of new or updated information security technologies.

Reports to management concerning vulnerabilities, security exposures, and noncompliance.

Prepare and Present Weekly/Monthly status reports on operations and projects.

Required Experience and Skills:

Experience working in a 24/7 SOC environment.

Strong SOC process and documentation skills.

Minimum of 8 - 10 years Information Security Engineering Experience.

Shift Hours: US Eastern (5:30 PM - 2:30 AM IST).

Knowledge in Threat Sharing/Exchange, Cyber Kill Chain, ITIL, NIST, CIS and MITRE ATTCK.

Certification from EC-Council, ISC2, ISACA, SANS or equivalent.

Knowledge in ITIL, NIST CSF, CIS controls, and frameworks.

Healthcare / HIPAA working knowledge is an added advantage.

Medical Devices Security is an added advantage.

Tools knowledge: CrowdStrike EDR, CrowdStrike SIEM, Darktrace IPS, Office 365 Security/Compliance Suite, Palo Alto Firewall, Qualys VM, Microsoft Intune Mobile Device Management (MDM), DUO MFA, IoT / OT / IoMT Security (Claroty / Medigate / Asimily)