IT Security Engineer, Full-Time

The IT Security Engineer is responsible for establishing an enterprise security stance through policy, architecture, and training processes and directing staff to ensure best practices in information security and adherence to regulatory and compliance requirements. Responsible for designing, implementing, and maintaining network security measures to protect our organization's infrastructure, including firewalls, proxies, DNS, WiFi, and networking systems. As a Security Engineer, you will ensure the confidentiality, integrity, and availability of our systems and data by developing and implementing strategies to protect against cyber threats.

Other tasks will include selecting appropriate security solutions, and managing and overseeing any vulnerability audits, risk assessments, and other IT security projects and audits. The IT Security Engineer is expected to interface with peers in the Systems, Network, Application, and Analytics departments to share the corporate security vision with those individuals and solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation.

Responsibilities:

Strategy & Planning

• Working with IT Security and maintaining the enterprise's security architecture design.

• Maintain the enterprise's security awareness training program.

• Maintain the enterprise's security documents (policies, standards, baselines, guidelines, controls, and procedures).

• Maintain action plans resulting from Risk Assessments and other IT audits.

• Maintain IT Business Impact analysis.

• Maintain the IT Disaster Recovery Plan.

• Develop IT governance mechanisms for enforcing the policies that support the protection and availability of data as well as risk mitigation.

• Maintain the Change Control process.

• Manage projects related to IT security and Governance.

Acquisition & Deployment

• Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security per the enterprise's existing procurement processes.

• Oversee the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.

• Review new software and technology acquisitions for security risk.

• Manage change control processes and communicate changes appropriately.

Operational Management

• Design, implement, and manage network security measures, including firewalls, proxies, and DNS, to protect our organization's systems from unauthorized access and cyber-attacks. IDS/IPS and Layer 7 firewalls

• Monitor and analyze network traffic for potential security breaches and investigate any anomalies or suspicious activities.

• Develop and maintain network security policies, procedures, and standards, ensuring compliance with industry regulations and best practices.

• Conduct regular security assessments of our network infrastructure, identifying vulnerabilities and implementing solutions to mitigate risks.

• Implement and manage WiFi security measures to protect against unauthorized access and ensure secure transmission of data.

• Develop and implement networking security policies and procedures to ensure the security and integrity of our cloud-based systems and data.

• Collaborate with other IT teams and stakeholders to ensure network security requirements are met across the organization

• Ensure the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems, databases, and other data repositories. Ensure the enforcement of enterprise security documents.

• Supervise all investigations into problematic activity and provide ongoing communication with senior management.

• Supervise the design and execution of vulnerability assessments, penetration tests, and security audits.

• Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise-wide understanding of security goals, solicit feedback, and to foster cooperation.

• Manage the remediation efforts resulting from risk assessment, gap analysis, and other IT audits.

• Manage projects related to the implementation of information security, privacy, and risk management tools and processes.

Qualifications:

• Proven experience working as a Security Engineer, with a strong understanding of network security principles and practices.

• Experience in designing and implementing firewall rules, proxies, and DNS policies to secure network traffic and protect against cyber threats.

• Experience in designing and implementing WiFi security measures, including WPA2-Enterprise, EAP, and RADIUS.

• Experience in cloud networking security, including AWS and GCP.

• Strong knowledge of security frameworks and standards such as NIST, CIS, and PCI-DSS.

• Excellent analytical and problem-solving skills, with the ability to troubleshoot complex network security issues.

• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.

• College diploma or university degree in the field of computer science and/or 7 years equivalent work experience.

• One or more of the following certifications are preferred:

• GIAC Security Essentials Certification

• GIAC Security Leadership Certification

• ISACA Certified Information Security Manager (CISM)

• Microsoft Certified Systems Engineer: Security

• (ISC)2 SCCP

• (ISC)2 CISSP

• (ISC)2 ISSAP

• HITRUST

• CAHIMS

• CPHIMS

• ITIL

• Extensive experience in enterprise security document creation.

• Experience in enterprise security architecture design.

• Experience in designing and delivering employee security awareness training.

• Experience in developing Business Continuity Plans and Disaster Recovery Plans.

• Experience in managing staff preferred.

• Experience with HIPAA / HITECH regulatory standards and policy preferred.

• Experience with managing projects.

• Working technical knowledge of Web Filtering and Data Loss Prevention (DLP) technologies.

• Working technical knowledge of Mobile Device Management technologies.

• Strong understanding of IP, TCP/IP, and other network administration protocols.

• Familiarity with IT best practices, including ITIL, COBIT, etc.

• Familiarity with Log and Event management tools and technologies, including correlation.

• Familiarity with Encryption technologies for data at rest, in use, and in motion.

• Proven analytical and problem-solving abilities.

• Strong written communications skills and proven documentation skills.

• Ability to effectively prioritize and execute tasks in a high-pressure environment.

• Good written, oral, and interpersonal communication skills.

• Ability to conduct research into IT security issues and products as required.

• Ability to present ideas in business-friendly and user-friendly language.

• Highly self-motivated and directed.

• Keen attention to detail.

• Team-oriented and skilled in working within a collaborative environment.

Location: Brooks Rehabilitation Hospital at 3599 University Blvd South, Jacksonville, FL 32216

Hours: Monday - Friday, 40 hours per week with on-call availability and flexible hours as projects and tasks demand

Compensation: Experience, education and tenure may be considered along with internal equity when job offers are extended.

Thriving in a culture that you can be proud of, you will also receive many employee benefits such as the following:

• Competitive Pay

• Comprehensive Benefits package

• Vacation/Paid Time Off

• Retirement Plan

• Employee Discounts

• Clinical Education and Professional Development Programs