Northwell Health Sr Engineer IT Security in Melville, New York
Req Number 002WK9
Plan, design, implement, and provide ongoing support for the enterprise security technologies. Provides leadership on security through design and delivery of integrated security solution architectures and systems. Assists other engineers with regard to training and work assignments.
Serves as a technical lead for hardware installation, configuration, and operational support of the security infrastructure.
Provides 3rd level technical support to technical teams to resolve security issues and to support the implementation of new solutions. Provides Level 3 support for the IT Security technologies.
Evaluates new security technologies and recommends opportunities that would enhance the security architecture.
Ensures applicable information security design considerations are appropriately included in all new and existing Northwell Health computing environments.
Oversees the build, configuration and maintenance of all security technologies within the environment.
Leads the development of application/system specific security hardening guidelines.
Reviews and validates that network infrastructure and endpoint device configurations comply with the latest industry standards and framework (i.e. HITRUST, NIST, HIPAA and PCI-DSS).
Recommends security enhancements and upgrades to Northwell Health's network, infrastructure and application environments.
Engineers, implements and monitors security measures for the protection of computer systems, networks and information.
Identifies and designs system security requirements.
Designs computer security architecture and develops detailed information security designs and controls.
Performs other duties as required.
*ADA Essential Functions
EXPERIENCE AND QUALIFICATIONS
Bachelor's Science Degree in Information Security, Computer Science, MIS, Computer Engineering, or Technical Security certification or degree (e.g. CISM, CISSP, CNA etc.), required.
Minimum of five (5) years related information technology experience.
Direct experience with network security, networking technologies and with system, security, and network monitoring tools, required.
Thorough understanding of the latest security principles, techniques, and protocols and should include hands-on engineering experience with the following security technologies including: Intrusion Prevention Systems, Intrusion Detection Systems, Content Filtering, Two-Factor Authentication, Email and Endpoint Encryption, Email and Endpoint Protection, Network Access Control, Web Application Firewalls, Data Loss Prevention, Netflow Monitoring, SIEM Solutions, DDoS, Active Directory / ADFS / Single Sign-On, Public Key Infrastructure / Certificate Services, required.