Security Engineer

Company: Partnership HealthPlan of California
Location: Fairfield
Posted on: February 1, 2025

Job Description:

OverviewThe Security Engineer will play a critical role in advancing the organization's overall security maturity by continuously evaluating and improving the organization's security framework, ensuring alignment with industry's best practices, and driving initiatives that reduce risk and enhance the security posture across the organization. This role is critical in safeguarding the organization's data, applications, and systems by designing, implementing, and managing advanced security solutions. The Security Engineer will focus on security posture, vulnerability discovery and remediation, protections, CVE monitoring, vendor security, and will collaborate with cross-functional teams to enhance security practices, as well as back up other security team members. Daily familiarity with current threats, tools used in-house, risk remediation, and IRT is essential.Responsibilities

• Design and Implementation: Implements robust security architectures and solutions to protect against threats. This includes systems, network devices, intrusion detection/prevention systems, VPNs, and other various security tools.
• Monitoring and Analysis: Continuously monitors for suspicious activities and potential security breaches. Utilizes analytics tools to identify and mitigate threats in real time.
• Incident Response: Participates in incident response activities related to security breaches. Conducts thorough investigations, root cause analysis, and develops mitigation strategies to prevent future incidents.
• CVE Monitoring and Remediation: Monitors and manages CVEs (Common Vulnerabilities and Exposures) relevant to the organization. Assists in remediation strategies and ensures all vulnerabilities are addressed promptly.
• Vendor Risk Management: Provides vendor risk management for assigned vendors. Conducts regular assessments, monitoring, and communication to ensure vendors adhere to security standards and practices.
• Security Assessments: Performs regular vulnerability assessments and penetration testing systems. Identifies and remediates vulnerabilities to enhance the overall security posture.
• Policy and Compliance: Assists with the development and enforcement of security policies, procedures, and standards. Ensures compliance with industry regulations and best practices, including but not limited to GDPR, HIPAA, and PCI-DSS.
• Collaboration: Works closely with internal teams, including IT, DevOps, and application development, to integrate security best practices into the design and deployment of new technologies and services.
• Documentation: Maintains comprehensive documentation of security configurations, incidents, and remediation activities. Ensures all security assets are accurately inventoried and tracked.
• Threat Intelligence: Stays updated with the latest threats in the marketplace and the tools used within the organization. Performs threat intelligence initiatives to enhance the security posture of the organization.
• Must carry a cell phone and be available for consult or assistance when needed 24 hours a day/7 days a week to respond to security breaches and other related duties.
• Other duties as assigned.QualificationsEducation and Experience:Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Minimum of five (5) years of hands-on experience in security engineering.Special Skills, Licenses and Certifications:Relevant certifications such as CISSP, CCSP, CCNP Security, GIAC, or similar are highly desirable. In-depth knowledge of security principles, protocols, and technologies. Proficiency in configuring and managing firewalls, IDS/IPS, VPNs, and other security appliances. Experience with security monitoring and analysis tools (e.g., SIEM, Wireshark, Snort). Strong understanding of TCP/IP, routing, and switching, Windows and Linux environments. Familiarity with cloud security best practices for platforms such as AWS, Azure, and Google Cloud.Performance Based Competencies:Excellent problem-solving and analytical skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders. Proven ability to work independently and as part of a team in a fast-paced, dynamic environment.Work Environment And Physical Demands:More than 50% of work time is spent in front of a computer monitor. May be required to bend, stoop, kneel, crawl, or work in other non-standing and non-sitting positions to install cabling, systems hardware, and other related equipment.All HealthPlan employees are expected to:

• Provide the highest possible level of service to clients;
• Promote teamwork and cooperative effort among employees;
• Maintain safe practices; and
• Abide by the HealthPlan's policies and procedures, as they may from time to time be updated.HIRING RANGE:$118,518.94 - $154,074.63IMPORTANT DISCLAIMER NOTICE:The job duties, elements, responsibilities, skills, functions, experience, educational factors and the requirements and conditions listed in this job description are representative only and not exhaustive or definitive of the tasks that an employee may be required to perform. The employer reserves the right to revise this job description at any time and to require employees to perform other tasks as circumstances or conditions of its business, competitive considerations, or work environment change.
  #J-18808-Ljbffr

Keywords: Partnership HealthPlan of California, Yuba City , Security Engineer, Engineering , Fairfield, California