Security

Access Security Engineer

Contract

Brooksource

<< Return to Search Results

Brooksource is seeking a Access Security Engineer for our leading “digital-first” Healthcare client in the NC/SC area. The Access Security Engineer is responsible for managing access security solutions to ensure the security and resilience of systems and assets, consistent with related policies, standards, and procedures.

 

The Access Security Engineer implements the appropriate technical safeguards to ensure the delivery of critical infrastructure services. To achieve this goal, the Access Security Engineer tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation required to effectively manage cybersecurity resources utilized to achieve access security architecture goals.

Digital Products and Services team members are responsible for securely managing information systems throughout their lifecycle, including knowing what information systems are within their scope of responsibility, understanding what sensitive data is stored, transmitted, or processed on those information systems, enforcing the security principles of least privilege and least functionality, knowing what events may constitute a cybersecurity incident, and understanding their role in security incident response activities.

Essential Functions:

  1. Process: Administer and operate access security capabilities within scope of responsibility (i.e.; certificate management, remote access, identity and access management, federation, etc.) to include installation, configuration, maintenance, backup and restoration. Test and evaluate new identity and access management applications, access controls, and configurations of platforms. 
  2. Collaboration: Coordinate with network and system engineers to assist with the management of operational tools with secondary cybersecurity functions (i.e.; network policy manager, proxies, identity and access management, denial of service protection, etc.). Identify potential conflicts with implementation of cybersecurity tools within the enterprise information system architecture and information security architecture. 
  3. Security: Assist in identifying, prioritizing, and coordinating the protection of critical infrastructure and key resources. Provide technical assistance to the configuration of information system implementation of the principle of least functionality. Protect communications and control networks.

Qualifications:

·        Education: Associates or Bachelors degree in related field

·        Experience: Minimum five years proven information security experience

·        Preferred Certifications:

o  Microsoft Technology Associate – Security

o  Fundamentals, CompTIA Healthcare IT Technician, SSCP, CompTIA Security+, or equivalent

o  CSSLP, GSEC, vendor certificate in specific tool, or equivalent

o  CISSP-ISSEP, CASP, GCED, or equivalent

o  One or more additional professional security or technology specific certifications

o  ITIL Foundations

Additional Skills/Requirements:

·        Advanced knowledge of authorization models (ACL, DAC, MAC, RBAC, ABAC, etc.)

·         Intermediate knowledge of directory services (e.g., Microsoft Active Directory)

·        Intermediate knowledge of key management (generation, exchange, storage, use, destruction, and replacement)

·        Advanced knowledge of federated identity management and single sign-on capabilities

·        Advanced knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools

·        Advanced knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data

·        Intermediate knowledge of networking (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and how it flows in the Open System Interconnection (OSI) model stack

·        Intermediate skill in applying host access controls (e.g., access control list)

·        Intermediate knowledge of cyber defense policies, procedures, and regulations

·        Intermediate knowledge of processes for reporting network security related incidents

·        Intermediate knowledge of information security architecture principles

·        Intermediate interpersonal communication skill, both written and oral, with the ability to communicate effectively to technical and non-technical audiences

·        Intermediate technical writing skill

·        Intermediate skill with MS Office suite of tools and SharePoint

Brooksource provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.

JO-2103-108968

Close Bitnami banner
Bitnami