The Information Security Engineer will report to the Information Security Operations Manager within the Information Security Office (ISO). This security engineer will be the lead Information Security technical resource responsible for the execution of incident response, threat monitoring, threat management, and forensic investigations. With growing responsibility to include administration of our privacy and security-monitoring environment, this role draws on individual contributor skills to execute and mature CUIMC's privacy monitoring and security objectives.
Communicate and escalate incident findings and potential impact to the Information Security, HIPAA Risk and Privacy Officer, OGC (Office of General Counsel) and principal stakeholders 5%
Identify, investigate, and analyze security incidents identified using the SPLUNK SIEM platform and additional security operations applications 10%
Manage overall incident lifecycle from triage, investigation, remediation and root cause analysis 10%
Develop playbooks of procedures used for investigative processes at the Medical Center 10%
Complete and deliver detailed incident reports, which outline actions, remediation steps and impact of an incident 10%
Generate monthly incident summary reports used in presentations to the HIPAA Privacy and Risk Committee 10%
Create monitoring rules and automated scripts to detect and capture incident artifacts relevant to HIPAA privacy risks and violations 5%
Contribute to IT Security technical implementations for cross-functional projects at the Medical Center 5%
Provide leadership and mentorship to junior engineers and ultimately accountability for supported technologies 5%
Validate the efficacy of defensive security mechanisms 5%
Maintain ongoing awareness of shifts in CUMC's compliance and threat landscape and recommend appropriate changes to identify and address new security gaps. Query, analyze and improve our processes and security posture for IT services. Validate the engineering adherence to security policies 5%
Be an active member of the broader information security community; maintain understanding of current best practices by participating in peer groups, attending or presenting at appropriate industry conferences, and researching literature and security news sources 5%
Ensure that systems security profiles comply with the organization's standards for IT Security 5%
Manage enterprise data loss prevention systems to include the reporting and remediation of violations 5%
Query, analyze and improve our processes and security posture for IT services 5%
Other duties as required 5%
Requires a bachelor's degree or equivalent in education and experience, plus five years of related experience.
Considerable expertise with security event and monitoring tools to include SPLUNK, SumoLogic, PAN's FW, SNORT, etc.
Proficiency in determining the root cause of security issues and a solid understanding of exploits and vulnerabilities
Familiarity with web application security vulnerabilities such as XSS, SQLi, and CSRF
Good understanding of Microsoft enterprise environments and integration to secure applications and cloud systems
Strong knowledge of security controls on both Windows and Unix-based operating systems.
Extensive experience in applying appropriate security principles in a dynamic environment that prevents unauthorized access to the network or parts of the network
Experience coding/scripting with common languages such as Python, Perl, and Bash.
Knowledge of cryptography as it relates to application and network security
Ability to prepare both executive and detailed reports on risk findings and status. Ability to develop remediation plans and guide departments with remediation strategy. Strong service commitment, and verbal, writing, and reporting skills
High level of integrity, and sound judgment concerning security and privacy
Good written and verbal communication skills a must. Technical writer capable of producing technical documentation, incident reports, and risk documentation for non-technical executives
Ability to understand and work with healthcare professionals, educators and researchers
Ability to work independently with minimal supervision as well as be creative and innovative at conducting a high volume of risk analyses while reporting accurate and relevant risks to the appropriate constituents
Strong background in information security practices with significant experience in a complex, multiplatform, higher education or healthcare IT environment
Experience working in a HIPAA/HITECH/OMNIBUS-regulated environment. Functional knowledge of the HITRUST CSF based on practical working experiences and a functional knowledge of security standards such as HIPAA/HITECH, PCI-DSS, ISO 27001/2, NIST
Experience working in an academic medical center or hospital environment a plus
Project planning or management experience
Formal training in Health Information Technology, SDLC management experience
CISA/CISM, or GIAC certified penetration tester (GPEN), or Certified Ethical Hacker (CEH), or any relevant GIAC certifications, CISSP, or CISA
Equal Opportunity Employer / Disability / Veteran
Columbia University is committed to the hiring of qualified local residents.
Internal Number: 501230
About Columbia University
Columbia University is one of the world's most important centers of research and at the same time a distinctive and distinguished learning environment for undergraduates and graduate students in many scholarly and professional fields. The University recognizes the importance of its location in New York City and seeks to link its research and teaching to the vast resources of a great metropolis. It seeks to attract a diverse and international faculty and student body, to support research and teaching on global issues, and to create academic relationships with many countries and regions. It expects all areas of the university to advance knowledge and learning at the highest level and to convey the products of its efforts to the world.