Cotiviti is a company focused on information security, seeking an Information Security Engineer to support their security objectives. The role involves building and supporting security systems, operationalizing tools, and investigating security incidents while collaborating with team members to enhance operational efficiency.
Responsibilities:
- Build, implement and provide tier 2 support for security tools to include: WAF, NextGen AV, IPS/IDS, SIEM, DLP, email security gateway, vulnerability management, asset inventory
- Operationalizing existing security tools through control validation/improvements, new feature enablement and upgrades in alignment with strategic objectives
- Collaboration with InfoSec & IT team members with a focus on increased operational efficiency of the SOC
- Responding to and investigating escalated security incidents in support of the Security Operations Center. Identifying unauthorized access or processes, containing and eradicating them, and providing supporting documentation for the incident response report
- Perform root cause analysis of outages or performance issues that may be related to security tools. Provide recommendations to stakeholders on the best course of action to remedy the problem
- Assist in responses to external audits, penetration tests and vulnerability assessments
- Participate in on-call rotation for urgent support issues including but not limited to weekends, holidays and after-business hours as required to service the needs of the business
- Promoting security awareness and cultivating employees into “Security Champions” to further support information security standard methodologies
- As needed - 4 days of consecutive travel every quarter for team meetings
Requirements:
- Demonstrated passion for information security
- 4 years in information security engineering, incident response or IT Infrastructure engineering/support with hands-on exposure to security tools or security controls. This can include email security, security baselines, patch management via configuration management systems, building secure cloud configurations, managing next-gen AV or network security
- Demonstrated project management skills and ability to track and report progress against established milestones, metrics and deliverables
- Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy to both technical and non-technical audiences
- Excellent aptitude for problem solving. Self-starter, team player, personable, enthusiastic, hardworking, and enjoys interfacing with external and internal customers on a day-to-day basis
- BS degree in Cyber Security/Computer Science/MIS, equivalent or a minimum of 4 years of relevant industry experience
- Research emerging technologies in support of security enhancement and development efforts. Assess existing tools for gaps and vulnerabilities
- Knowledge of an industry cyber security regulation/standard (HIPAA, SANS, CIS) and a cyber security framework (MITRE ATT&CK, NIST, HITRUST)
- Ability to develop and report metrics/KPIs to management in all areas of responsibility
- Interview, develop, coach, lead and retain top-tier talent, with a focus on building and improving a team and culture that is able to assist in employing best in class practices to support and drive high levels of internal and external customer satisfaction
- Complete all responsibilities as outlined on annual Performance Plan
- Complete all special projects and other duties as assigned
- Must be able to perform duties with or without reasonable accommodation
- Hands-on experience implementing & administering a variety of security platforms
- Security certification a plus (CISSP, CEH, CISM, CompTIA Security+)
- Demonstrated knowledge and understanding of cloud and cloud security tools highly preferred