The Information Security Operations Engineer will report to the Information Security Operations Manager within the Information Security Office (ISO). The role is responsible for monitoring and evaluating data from SIEM (Security Information and Event Management) systems in order to promptly identify, evaluate and respond to information security incidents impacting Columbia University Irving Medical Center.
The role will: contribute to security systems design, provide programming support, draft incident reports; contribute to the collection and analysis of data to provide accurate and useful security metrics, vulnerability management and threat modeling; interact with CUIMC technical resources and other key stakeholders to facilitate coordinated security operations between central and distributed IT; and assist in thought leadership activities which promote greater awareness of information security leading practices. On-call hours are required for all operations staff.
Monitor and evaluate data from security event information feeds and ticketing systems in order to promptly identify, evaluate, triage and respond to information security incidents impacting Columbia University Irving Medical Center as part of the incident response program (25%)
Work with IT resources and other key stakeholders around CUIMC to facilitate coordinated security operations around vulnerability management, pen-testing and baselining (20%)
Participate in incident handling and response, including possible off-hours response (15%)
Contribute to the security systems design process and projects as a programming resource (15%)
Prepare accurate and useful security metrics based on event feeds, ISO activity, threat intelligence and other analysis (10%)
Draft technical documentation, incident reports and communications to other technical staff (5%)
Assist in security thought leadership activities which promote greater awareness of information security leading practices (5%)
Other duties as required (5%)
Requires a bachelor's degree or equivalent in education, training and experience, plus three years of related experience.
Relevant work experience in applications development, IT operations or incident management in healthcare, research, higher education or corporate environments. Evidence of current technical skills is strongly favored.
Understanding of CVSS, CVE, MITRE, device benchmarking and security frameworks, as well as threat and vulnerability management workflows.
Experience in information security technical vulnerability testing using Nexpose, AppSpider, Nmap and other tools.
Experience in network and applications security.
Experience in securing, monitoring, and operational incident response on web applications, SMTP email services, and other critical IT services.
Must be a clear technical writer capable of producing technical documentation, incident reports, and information security awareness materials.
Ability to understand and work with healthcare professionals, educators and researchers.
Ability to work independently with minimal supervision as well as be creative and innovative at conducting a high volume of risk analyses while reporting accurate and relevant risks to the appropriate constituents.
Experience working in a HIPAA/HITECH/Omnibus-regulated environment. Functional knowledge of other relevant compliance regulations (PCI, FERPA, data breach acts, FISMA) and security standards (HITRUST, PCI-DSS, ISO 27001/2, NIST). Experience working in an academic medical center or hospital environment is a plus.
The ideal candidate will understand the development of Information Security systems, the security issues of application development generally, and the security and development issues involved in integrating an environment of multiple complex systems.
General experience in application installation, configurations, and deployments in enterprise environments.
ISACA, ISC2, or any relevant GIAC or industry-recognized security certifications highly preferred.
Rotating on-call coverage, on nights and weekends, is required for this position.
Subject to business needs, we may support flexible and remote work arrangements. Options will be discussed during the interview process.
Experience in designing, building and deploying automation to scale for vulnerability discovery efforts and device security compliance.
Strong knowledge of the security systems design process and technical mitigation.
Relevant soft skills to influence a cross-functional team to accomplish goals.
Knowledge across different IT verticals and the ability to evaluate, deploy and apply IT security principles to new technologies.
Columbia University is one of the world's most important centers of research and at the same time a distinctive and distinguished learning environment for undergraduates and graduate students in many scholarly and professional fields. The University recognizes the importance of its location in New York City and seeks to link its research and teaching to the vast resources of a great metropolis. It seeks to attract a diverse and international faculty and student body, to support research and teaching on global issues, and to create academic relationships with many countries and regions. It expects all areas of the university to advance knowledge and learning at the highest level and to convey the products of its efforts to the world.