Purpose: The Security Engineer
The Security Engineer
Configuring vulnerability assessment tools, as well as performing internal, external, web application scans, researching and analyzing vulnerabilities, risk ranking and identifying business impact, identifying relevant threats, corrective action recommendations, summarizing and reporting results.
Assessing organization's perimeter, infrastructure, and applications' compliance with policies, standards, hardening baselines to identify gaps, prepare remediation plans, and work with system owners to reduce risk
Leading scalable and effective remediation at all layers of the organization, infrastructure, and application stack by applying appropriate risk-based prioritization, simplifying requests and collaborating with business partners.
Recommending appropriate policy, standards, process and procedural updates as part of comprehensive remediation solutions.
Designing and delivering actionable Information Security dashboards and scorecards.
Leading remediation of vulnerability assessments, penetration tests, and other internal/external vulnerabilities.
Identifies and resolves problems in a timely manner; gathers and analyzes information skillfully; develops alternative solutions; works well in group problem solving situations; uses reason even when dealing with emotional topics.
Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; contributes to building a positive team spirit; puts success of team above own interests; able to build morale and group commitments to goals and objectives; supports everyone's efforts to succeed.
Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others and documents key procedures.
Experience with vulnerability scanners, vulnerability management systems, patch management, and host-based security systems.
Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).
Bachelor's degree and 3-5 years of relevant experience
CISSP, Security+, Certified Vulnerability Assessor, Certified Ethical Hacker preferred
Children's Mercy Hospital