Security Operations Engineer

Location

New York, New York

Shift:

Day (United States of America)

Description:

Security Operations Engineer

Position Summary

The Security Operations Engineer operates and maintains the InfoSec team’s portfolio of vulnerability management, Security Incident and Event Management (SIEM), automation, and authentication tools. Additional tasks include forensic recovery/support, event management, spam investigation, threat feed management, penetration testing, proactive defense, network sensor auditing, and security event management.  This is a multi-dimensional role, partnering closely with peer teams inside the Information Security department, and business partners across a large, multi-campus healthcare organization.  These partnerships ultimately result in an enhanced defense posture and proactive development of secure, robust solutions across the organization.

Essential Job Duties

• Responsible for the daily duties associated with NYP’s Security Operations team including the extension of services provided to all of NYP’s campus and regional affiliates.
• Implements and supports the SIEM tool, to include the inclusion of data sources and any applicable monitoring agents.
• Implements and supports the scanning platform, vulnerability attack platform, privileged account management solution and other discovery tools as required.
• Implements and supports the Security event management platform to include all correlation and automation capabilities for security functions.
• Implements and supports web security platforms, the threat prevention system, and other network based sensors as required.
• Review daily threat feeds, host alarms, cloud based reporting, and similar information in order to proactively mitigate threats
• Collects and disseminates reports, metrics, and other indicators of event and incident management functions.
• Partners with the Vulnerability Management, Security Engineering, and Event and Incident Management teams in order to provide critical development and automation tasks in support of the group’s mission.
• Partners with the Event and Incident Management team in order to take security event intelligence and produce actionable alarming for the purpose of proactive management of security incidents.
• Develops test plans, test data and testing schedules. Conducts unit and system tests to verify results of software solutions.
• Installs/performs in-house and vendor updates, in a timely and efficient manner in accordance with IS change control standards and procedures.
• May work in multiple phases of systems and applications analysis, and considers the business implications of the application of technology to the current business environment.

“May require occasional on-site presence; therefore, should live within a commutable distance.  No relocation assistance available.”

Preferred Qualifications

• CEH
• CNSE
• Knowledge and experience with SIEM tools such as Splunk
• Knowledge and experience with vulnerability management platforms such as Nexpose, Nessus, etc
• Knowledge and experience with network security platforms including SIEM, firewalls, intrusion detection and prevention, web proxies and internet content filtering.
• Knowledge of cryptography and encryption products, data loss prevention, mobile device management.
• Functional and practical experience with scripting and automation techniques
• Strong organization skills to prioritize work/life balance, and lead complex projects.
• Strong interpersonal skills and ability to interact with customers, senior level personnel, subordinates, and team members.
• Strong leadership skills to explain and guide peer business partners with vulnerability remediation.

Required Qualifications

• Bachelor’s degree in a technical or engineering discipline; or equivalent experience
• At least 3-5 years or equivalent of technical experience in an IT related field
• Knowledge and experience with SIEM tools such as Splunk
• Knowledge and experience with vulnerability management platforms such as Nexpose, Nessus, etc
• Knowledge and experience with network security platforms including SIEM, firewalls, intrusion detection and prevention, web proxies and internet content filtering.
• Knowledge of cryptography and encryption products, data loss prevention, mobile device management.
• Functional and practical experience with scripting and automation techniques
• Strong organization skills to prioritize work/life balance, and lead complex projects.
• Strong interpersonal skills and ability to interact with customers, senior level personnel, subordinates, and team members.
• Strong leadership skills to explain and guide peer business partners with vulnerability remediation.

2 roles available

Join a healthcare system where employee engagement is at an all-time high. Here we foster a culture of respect, diversity, and inclusion. Enjoy comprehensive and competitive benefits that support you and your family in every aspect of life. Start your life-changing journey today.

Please note that all roles require on-site presence (variable by role). Therefore, all employees should live within a commutable distance to NYP.

NYP will not reimburse for travel expenses.

__________________

• 2024 “Great Place To Work Certified”
• 2024 “America’s Best Large Employers” – Forbes
• 2024 “Best Places to Work in IT” – Computerworld
• 2023 “Best Employers for Women” – Forbes
• 2023 “Workplace Well-being Platinum Winner” – Aetna
• 2023 “America’s Best-In-State Employers” – Forbes
• “Silver HCM Excellence Award for Learning & Development” – Brandon Hall Group

NewYork-Presbyterian Hospital is an equal opportunity employer.

Salary Range:

$91,500-$108,500/Annual

It all begins with you. Our amazing compensation packages start with competitive base pay and include recognition for your experience, education, and licensure. Then we add our amazing benefits, countless opportunities for personal and professional growth and a dynamic environment that embraces every person. Join our team and discover where amazing works.