Sr. Information Security Engineer
Location: Orange, California US
Job Number: 2093
Position Title: Sr. Information Security Engineer
Alignment Healthcare is a data and technology driven healthcare company focused on partnering with health systems, health plans and provider groups to provide care delivery that is preventative, convenient, coordinated, and that results in improved clinical outcomes for seniors.
We are experiencing rapid growth (backed by top private equity firms), and our team is looking for the best and brightest individuals. We love our customers and understanding them better makes it possible to provide the best clinical outcomes and care experience.
Are you an Information Security Engineer with experience in automation, cloud technologies, and endpoint security? Would you like to work in an environment where your skills can be utilized effectively, and you have opportunities to make significant impact? If you are passionate about security and can reduce risk in practical ways that scale, we want to hear from you!
- Contributes to the daily operational aspects of the Information Security Team, primarily from a technical implementation perspective.
- Assists with break/fix of tools and automation that are owned by the Information Security Team.
- Works with internal and external customers on a variety of issues, from a simple security review of a mundane and routine ask, to a complex deep dive into a new feature implementation in O365, Azure, or AWS.
- Balances operational work (approximately 70% of the day) to help meet team SLAs, and project work (approximately 30% of the day) to meet assigned team deliverables.
- Contributes to the design, implementation, and documentation of new security tools.
- Collaborates with other internal information technology teams (networking, cloud, traditional architecture, developers, and data scientists) to support internal and external systems.
- Utilizes scripting and DevOps to provide automation and orchestration between:
- information security tools, such as the SIEM (Logstash, FortiSIEM, IBM QRadar, etc.);
- endpoint protection (Symantec, McAfee, Cylance, CrowdStrike Falcon, etc.);
- vulnerability scanners (Rapid7, Nessus, etc.);
- patch management (SCCM, Altiris, PDQ, etc.);
- other applications;
- OS’ (Windows, MacOS, Linux, iOS, Android);
- cloud platforms (AWS, Azure); and
- IAM platforms (Active Directory, Okta, Auth0, PingIdentity, SAML, OIDC).
- Clearly documents designed automation and system relationships.
- Contributes and participates in the Information Security Team daily stand-ups and other meetings as necessary.
- Participates in regular reporting, maintaining accountability and transparency within the Information Security Team.
- Remains current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS) and regulatory requirements (HIPAA, HITECH, HITRUST, etc.)
- Technical knowledge of common information security tools and systems: DLP, MAM/MDM, Firewall/VPN, endpoint protection, PKI, RBAC, IAM, etc.
- Demonstrated practical experience with one or more programming or scripting languages. (PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.) We’re not picky, but you must be able to deliver practical automation!
- Demonstrated practical experience with one or more of the major cloud providers (AWS, Azure, GCP).
- Excellent oral and written communication skills, and an ability to present and discuss technical information in a way that establishes rapport and trust.
- Detail orientated, with an ability and desire to build to 100%, but being ok with building to 90% as tasked.
- An ability to be productive as an individual contributor with little supervision to meet agreed upon deliverables.
- Prior experience in the healthcare or a related HIPAA regulated industry.
- A working knowledge of the NIST CSF and/or CIS Critical Security Controls (CSC).
- A working knowledge of Git and GitHub.
- Previous experience contributing to projects using agile tools (Jira, Azure DevOps, Pivotal) and processes (Scrum, Kanban).
- One or more cloud security certifications.
- Bachelor’s degree in Computer Science, Computer Engineering, or related technical discipline, and/or equivalent work experience.
- 3+ years’ experience working in a technical, hands-on, information security role.
- One or more current security related certifications (e.g., CISSP, SANS GIAC, etc.)
Location City: Orange
Location State: California
Community / Marketing Title: Sr. Information Security Engineer
Who is Alignment Healthcare?
- Socially responsible
- Technologically enabled
- Concierge care
- Servant leadership
We are dedicated to transforming the complex and confusing process of medical treatment in the United States so that every link in the health care continuum becomes more efficient, productive, and effective. We built a team of people who want to make a difference. Come join the team that is changing health care one person at a time.
We believe that great work comes from people who are inspired to be their best. We invite you to explore our wide variety of roles based on your unique experience.