Information Security Engineer II

Description

Information Security is a central focus of KP. The Information Security Engineer II supports this critical priority by maintaining and implementing the tools and processes used to protect our systems. In addition, the Information Security Engineer II responds to Security Events or Incidents, and under the direction of the CISO oversees our data governance program. Through these activities this position plays a vital role in keeping KP safe while enabling KP’s overall success. 

Essential Duties and Responsibilities: 

• Design and implement data protection solutions in a high-volume environment. 
• Work with IT Teams to integrate data security into existing data pipelines and flows. 
• Provide assistance in the selection, implementation and maintenance of security equipment and software.
• Provide recommendations and guidance to technology development and leadership; ensuring best practices, of effective security methods and procedures are maintained (such as secure coding practices, threat modeling, application security and proper use of encryption). 
• Manage Data Loss Prevention, Key Management, and other data security tools. This includes analysis of results, proper configuration and provide reports/summaries/recommendations to leadership.
• Collaborate with other teams during security audits and other investigations. 
• Maintains information security metrics; reporting results to leadership.
• Prioritizes and organizes own work to meet deadlines.
• Other duties and projects as assigned.

Requirements

• 4 year degree in cyber security or related field. Years of experience can be substituted for a degree.  
• 4 years of experience in Data Loss Prevention, Data Governance, and key management. 
• Strong understanding of encryption standards, key management, and data governance practices. 
• Experience with Azure. 
• Knowledge of database security, api security, and secure data transfer protocols. 
• Knowledge of cybersecurity frameworks, standards, and best practices (NIST CSF, ISO 27001, HIPAA).
• Strong verbal, written, listening and presentation skills: ability to read, understand and interpret SOP’s, security and quality procedures, clearly and effectively communicate detailed instructions, presentations and respond to questions.
• Strong interpersonal skills; ability to foster cooperation, inspire respect and trust; motivate others to perform well; effectively influence others toward accomplishment of objectives/goals.
• Develop and maintain timely and accurate documentation and other supporting information.
• Works well without supervision and proactively recommends improvements.
• Current CISSP certification or comparable IT security accreditation a plus.