JOB OVERVIEW:
The Security DevOps Engineer is responsible for monitoring and administering multiple security technologies to detect IT security incidents. The Security DevOps Engineer/Deputy CISO will follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
This employee’s job duties require access to covered information. The employee is subject to additional screening. This designation shall be reviewed at least annually.
JOB DUTIES & RESPONSIBILITIES:
• Implement, administer, and maintain portfolio of security toolset and solutions, including being the SIEM SME
• Monitor and analyze daily security intelligence feeds and reports and adjust protections to mitigate new threats
• Monitor, analyze, and interpret daily security events surfaced via dashboards, SIEM, IDS/IPS, etc.
• Investigate and validate all actionable security events and escalate or take action as indicated in security model mitigate threats
• Scripting and automation
• Participate in ongoing security operations and incident response activities
• Backup Manager for CAB (Change Advisory Board) and SIRT (Security Incident Response Team) duties
• Monitor changes in the security industry to maintain up-to-date awareness of new security solutions, improved security processes and the development of new attacks and threat vectors and how to defend against them
• Engineer, research and test new security technologies that may provide benefit to the organization
• Provide subject matter expertise and technical risk management to IT design and engineering efforts, covering
• diverse areas such as encryption, authentication, authorization, data integrity and resilience.
• Participate in security related “hunting” and forensic analysis activities
• Other duties as assigned
• All DeliverHealth employees must follow the organization’s privacy and information security policies, processes and standards. There are no exceptions to this expectation.
KNOWLEDGE, SKILLS, & ABILITIES:
• Proficient in identifying, prioritizing and mitigating information security vulnerabilities
• Firm understanding of common cyber-attack methods and defense methods
• Proficient in all the main IT layers; hardware, OS (Windows *nix), virtualization, storage, networks/protocols, database, application, and security – including the ability to write, maintain and explain technical security standards for the same.
• Experience with the Microsoft Azure suite of security tools a strong plus
• Experience with Amazon Web Services / Google Cloud Platform a plus
• Experience with Artificial Intelligence products and services for process automation a plus
EDUCATION & EXPERIENCE:
• Bachelor's degree in Computer Science, or related discipline, or equivalent work experience.
• 8 or more years of information technology experience, at least 5 years in a relevant information security role.