at CTG in Dover, Delaware, United States
Information Security Engineer
Oct 07, 2021Post Date
Apply for JobShare this JobSign Up for Job Alerts
CTG is currently seeking an experiencedInformation Security Engineerto join our team for to support the Alaska Native population.
Hours: Must be able to work Monday – Friday during core business hours of 9am – 5pm PT
Duration: 6 months
Summary:The Information Security Engineer is responsible for consulting with server, network, and application development teams to ensure that new and existing technical solutions are implemented in a manner consistent with the Conmpany’s Information Security Management Program (ISMP) practices and standards that preserve the confidentiality, integrity, and availability of systems and data. The Security Engineer is responsible for technical security operations of servers, workstations, networks, web applications, IT processes.
Essential Job Responsibilities:
Customer Care and Relationships:
- Creates, develops and nurtures culturally appropriate interactions and connections with each other, customer-owners, and the community.
- Implements the requirements of company policies and procedures regarding the safeguard of information systems and security.
- Collaborates with ITS engineering staff to design, implement, and monitor technical measures to and ensure security of information systems and data.
- Demonstrates compliance with all applicable laws, policies, procedures, bylaws, regulatory requirements, and best practice guidelines regarding Privacy of Healthcare Information, Corporate and Healthcare Compliance.
- Monitors IT services and systems for potential risks.
Communications and Teamwork:
- Shares and receives information, opinions, concerns and feedback in a supportive manner.
- Works collaboratively by building bridges and creating rapport with team members within departments and across the organization.
- Researches and recommends network security solutions, designs, development, integrations, testing, implementations, and operational support of information security focused infrastructure projects.
- Facilitates work sessions, vendor engagements, and meetings.
- Demonstrates strong written, oral, presentation, facilitation, and interpersonal skills.
Improvement and Innovation:
- Makes meaningful improvement to services, program, and processes and/or organizational effectiveness that creates new value for customer-owners and employees.
- Creates and maintains standards and operating procedures for security operations and administration consistent with Company’s ISMP risk management practices.
- Works effectively in a rapidly changing and innovative healthcare system and adapts security controls and countermeasures to align with these changes.
- Monitors security related systems as per applicability and or compliance with applicable laws, rules and regulations governing Information Technology, and Data Security and Integrity.
Workforce Development Skills and Abilities:
- Seeks out additional learning opportunities to continue to develop the technical and professional skills needed now and in the future.
- Takes responsibility for all work activities and personal actions by following through on commitments.
- Applies knowledge of the Privacy Act of 1974 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to ensure the privacy of individuals is protected to the fullest.
- Designs, documents, and maintains Companys system and network security baselines in cooperation with other Information Technology engineering teams.
- Applies secure network architectures, identity and access management principles, application security standard, and encryption technologies.
- Analyzes network, server, and software systems to correlate security events and implement counter-measures to mitigate against intrusion attacks.
- Researches and identifies ethical hacking, firewall, and intrusion detection/prevention technologies, secure coding practices, and threat modeling.
- Participates in the security incident response team and assists with security with incident investigations.
- Understands concepts related to threat, risks, and countermeasures to protect facilities, hardware, data, media, and personnel.
- Maintains a strong knowledge of ISO model principles, networking protocols, authentication/identity services.
- Collects and analyzes data on existing processes and protection controls.
- Applies skill in PKI, VPN, and certificate-based security technologies.
- Applied skill in administering next-generation firewall systems such as Palo Alto Networks.
- Decodes and understands traffic flow using packet level traces (skilled with TCPDUMP, PCAPs, Wireshark, traffic generators, etc.).
- Configures, administers, and monitors vulnerability management systems such as Nessus.
- Creates and monitors Security Incident Event Management (SIEM), system dashboards and alerts in support of security operations.
- Monitors security tools such as SIEM, OLP, Antivirus, HIDS/NIDS, and content filtering systems.
- Maintains a working knowledge with server grade applications to include Exchange, DNS, SMTP, 11S, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, and SQL.
- Performs IDS/ IPS real-time monitoring analysis and/or network forensics.
- Supports ISMP security program strategy by staying current with evolving technologies such as cloud, mobile, virtualization, access control, and their security implications.
- Maintains a strong knowledge of regulatory mandates, controls and audit standards such as HIPAA, FISMA, FIPS, NIST, PCI-DSS, IS027001, etc.
- Bachelors Degree in Computer Science, Information Technology, Mathematics, or related field; OR equivalent combination of education and experience
- Three (3) years of experience in IT Security engineering or security operations.
- Certified in one of the following: CISSP, SSCP, CEH, GIAC-GSE or can obtain within 12 months of hire.
- Thorough understanding of the cultures and the needs of the Alaska Native population desired.
To be considered, please immediately apply to this requisition using the link provided. Kindly forward to any other interested parties—thank you!
Drug testing and/or other employment-related inquires may be conducted.
CTG’s Benefits Plan allows you to select insurance coverage that best suits your lifestyle, and take part in our savings programs and educational plans. We offer Flexible Spending Accounts, a 401(k) Retirement Plan, and an Employee Stock Purchase plan. Our educational plan comprises access to more than 2,000 web-based technical, professional and business development courses.
CTG is a leading provider of digital transformation solutions and services that accelerate clients’ project momentum and achievement of their desired IT and business outcomes. Our vision is to be an indispensable partner to our clients and the preferred career destination for digital and technology experts. CTG has operations in North America, South America, Western Europe, and India. For more information, visit www.ctg.com.
Our culture is a direct result of the people who work at CTG, the values we hold, and the actions we take. In other words, our people are the culture. It’s a living, breathing thing that is renewed every day through the ways we engage with each other, our clients, and our communities. Part of our mission is to cultivate a workplace that attracts and develops the best people, reflected by our recognition as a Great Place to Work-certified company across many of our global operations.
CTG will consider for employment all qualified applicants including those with crimin