The Sr Information Security Engineer is responsible for analyzing the Point32Health information security environment and developing, deploying, and supporting security measures and capabilities to safeguard the confidentiality, integrity, and availability of corporate information and data. In this role you will be expected to work independently with minimal direction under the guidance of senior staff. Reporting to the Cybersecurity Manager – Threat Management, the Sr Information Security Engineer will work closely with other cybersecurity teams to protect the Point32Health environment.
Key Responsibilities/Duties – what you will be doing
Provide technical expertise and administration of security tools that drive and support threat management team core responsibilities including security monitoring, incident response, threat intelligence, and vulnerability management.
Perform security engineering functions including security application configuration, tuning, deployment, and maintenance, ensuring all functions and tasks are completed accurately within a timely fashion and in accordance with established procedures and SLAs.
Monitor cybersecurity trends and changes in the threat landscape, assess potential uses of new technologies to meet evolving threat group tactics, techniques, and procedures.
Analyze business requirements and risks to technology implementation for security-related issues. Support skills development of more junior team members and engage in mentoring where appropriate.
Train information owners in the implementation of necessary security controls and contribute to accurate and complete documentation of security procedures.
Work collaboratively across cybersecurity and technology teams to address identified shortcomings, discover improvements, and enhance the collective knowledge and capability of Point32Health's technology-focused teams.
Lead issue-specific project/taskforce teams with responsibility for completion of all assigned project-related tasks. Consult with Security and IT staff to evaluate and implement security software tools that satisfy security use cases and requirements outside strictly cybersecurity areas of responsibility.
Use scripting languages to automate routinized security processes and data management functions.
Qualifications – what you need to perform the job
Education, Certification and Licensure
Bachelor's degree in computer science, cybersecurity, or equivalent experience.
At least one cybersecurity-related certification (e.g., GCIH, GCFA, CISSP)
Experience (minimum years required):
Minimum 3-5 years' experience in an information security engineer role in a real time cybersecurity operations setting, preferably in healthcare, financial services, or government/law enforcement.
Three years' experience in Information Security with a broad range of exposure of operating systems, applications, and networks.
Experience with securing enterprise-wide applications and databases required.
Skill Requirements
Familiarity with operating system fundamentals, networking concepts, and cybersecurity principles.
Significant experience using the Microsoft security tool suite.
Scripting knowledge in one or more languages, e.g. Python, Powershell.
Demonstrated competency in developing effective security solutions for diverse and complex business problems in a cross-functional environment.
Track record of successfully developing and implementing new security technologies.
Strong working knowledge of security controls across multiple dimensions of information security, including email, web traffic, DNS, cloud computing, and endpoint protection.
An understanding of the role of information security within business context and an ability to balance tradeoffs.
Strong team-oriented interpersonal skills with the ability to effectively interface with a wide variety of stakeholders.
Excellent written and oral communications skills, with the ability to convey complex concepts to both technical and non-technical audiences.
Commitment to Diversity, Equity & Inclusion
Point32Health is committed to making diversity, equity, and inclusion part of everything we do—from product design to the workforce driving that innovation. Our DEI strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Who We Are
Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.
We enjoy the important work we do every day in service to our members, partners, colleagues and communities.
This job has been posted by Ignyte AI on behalf of Point32Health. Ignyte AI is committed to the fundamental principle of equal opportunity and equal treatment for every prospective and current employee. It is the policy of Ignyte AI not to discriminate based on race, color, national or ethnic origin, ancestry, age, religion, creed, disability, sex and gender, sexual orientation, gender identity and/or expression, military or veteran status, or any other characteristic protected under applicable federal, state or local law.
Req ID: R8096
