Sr. Consultant, Information Security Operations

Join a team dedicated to supporting the crucial mission of improving health outcomes.

At Merative,  you can apply your skills – and grow new ones – with colleagues who have deep expertise in health and technology. Merative provides data, analytics and software for the health industry. Our clients include providers, health plans, employers, life sciences companies and governments around the world. With industry-leading products and focused innovation, we help customers improve decision-making and performance so that together, we drive real progress in health. Learn more at merative.com

As IT Cybersecurity Engineer and member of the Chief Information Security Officer (CISO) organization you will support the security of the company products and infrastructure. You will use your knowledge of concepts, technology and tooling to ensure the security of the company’s and our client’s critical information.  This will include participation in the maintenance and monitoring of security tooling, investigation of security incidents and support company and client audits.  You will interface with the business and functional leaders in development, operations, information technology and other stakeholders to promote and support a secure environment.

Essential Job Duties 

Provides technical leadership, advice, guidance and perform IT Cybersecurity related activities. 

 

• Works under limited supervision and in conjunction with team members with the objective to ensure a secure and compliant environment.  Manage day to day security tools such as Vulnerability Management, Data Loss Prevention, File Integrity Monitoring, Encryption, Key Management, Intrusion Detection, etc. 

• Work with various technology teams to ensure tool sets used to detect infrastructure security issues are deployed on all necessary platforms. 

• Research new security trend and provide recommendation to support increased security protection for our environment. 

• Defines objective and implements complex solutions related to IT Cybersecurity. 

• Accountable for project results, timing and productiveness in delivery activities. 

• Provide technical expertise in Information Technology and on Security products with hands-on experience. 

• Assist with data protection initiatives and other programs as necessary 

• Participates in the internal and external audit program to demonstrate security procedures and tools to assure ongoing compliance. 

• Participates in activities related to the corrective and preventive action process. 

• Recognizes problems related to project objectives and applies sound judgement when addressing the issues. 

• Independently generates solutions based on analytical skills and business knowledge. 

• Pursues a program of self-development using selected reading, seminars, and participation in continuing education. 

• Performs all duties and responsibilities as required by the company Security Policies and Procedures. 

• Identifies and communicates possible improvements in the work process for customers and peers. 

• Performs other duties as assigned by immediate supervisor or upper management 

 

Required Qualifications 

• Bachelor’s degree in a scientific or technical discipline required 

• 5+ years of technical, hands-on proficiency in multiple cybersecurity competencies (e.g. network security, systems security, application security, security operations) 

• 5+ years’ experience performing security technical testing or technical controls validation including documentation of testing methods and results 

• Experience implemented Vulnerability Management process to include configuration and scanning, reporting, and the remediation process 

• Qualys knowledge and experience 

• Crowdstrike Endpoint Detection and Response knowledge and experience. 

• Experience developing API to include integrating API calls into applications and troubleshooting API issues 

• Knowledge of security controls related to infrastructure technology including enterprise storage (NAS/SANS), Windows and Linux Operation systems, ESX VMware, etc. 

• Experience using SIEM products (e.g., Splunk, Sumo Logic) to collect data and investigate anomalies. 

• Microsoft 365 Office Message Encryption (OME) knowledge and experience. 

• Experience in Security administration of cloud (Azure security). 

• Knowledge of security standards and controls (e.g., NIST, CIS etc). 

• Proactive awareness of emerging cybersecurity threats and technologies 

• Detail oriented with strong verbal and presentation skill 

• Demonstrated proficiency with executive level presentations and status reporting 

• Excellent interpersonal, communication, and negotiation skills 

• Effective research and analytical skills 

• Effective written and oral communication, technical writing and editing skills 

• Ability to work independently with minimal supervision 

 

 

Preferred: 

• Security related certification (i.e. Security+, CISSP, GIAC, etc) 

• Experience implementing security controls to meet requirements of various security and privacy related standards and regulations such as SOC I/II, ISO 2700x, HIPAA, GDPR, HITRUST, etc 

It is the policy of Merative to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, HIV status, or any other characteristic protected by federal, state or local law. In addition, Merative will provide reasonable accommodations for qualified individuals with disabilities.