Information Security Engineer Job

INFORMATION SECURITY ENGINEER needed for a contract opportunity with Yoh's client located in New York, NYC.

Top Skills You Should Possess:
- CISSP, CISM, or CISA Certification preferred, as well as technical certifications such as MCDBA, MCSE, or CCNP
- Previous experience in Healthcare is a plus.

What You'll Be Doing:
- Administration of security products for systems, database, and network environments. Manage role base access control. Develop audit plans for various systems, applications and data warehouses. Strong experience in Server OS, AD, Oracle, SQL and similar platforms. Research and implement security alerts and monitor various tools.
- Responsible for data classification, access controls, security reporting, and metrics.
- Review new systems designs and major modifications for security implications prior to implementation.
- Manage risk program and perform process analysis and documentation. Address all risks with business units in order to implements control and improve processes.
- Collaborate with other teams to ensure compliance with the Information Security Policy and Federal Regulations such as HIPAA and SOX.
- Conduct collaborative meetings between the networking, server, database, and application teams to address collection of metrics, system controls and process improvement. Responsible for creating reports that identify gaps and remediation recommendations. Strong communication skills are required in verbal and written form, as well as, advanced skills in Access, Excel (building tools to track and measure system metrics and progress), Project, Visio, and Microsoft Office.
- Investigate any actual or potential information security violations, manage incident response program, manage security remediation efforts, and follow up investigations with written reports. Develop supporting documentation for incident management, work flow diagrams and escalation procedures.
- Research new and emerging technologies and trends. Conduct Information Security Training and Awareness sessions to technical staff and end-users as required.
- Duties involve identifying security issues, risk management, vulnerability management, researching and deploying new security technologies, developing and documenting security policy, performing security audits as needed, and responding to security incidents. Responsible for Server, System, and Database security, as well as auditing, monitoring, and alerting tools.

What You Need to Bring to the Table:
- Previous experience as a Systems Engineer, Database Development or Administration.
- Experience in implementing security controls as well as monitoring and alerting functions.
- Reporting and systems auditing experience required.
- Experience in investigating and resolving information security violations, handling and documenting incidents, researching and deploying new security technologies, participating in security audits, as well as developing and documenting security policies.
- CISSP, CISM, or CISA Certification preferred, as well as technical certifications such as MCDBA, MCSE, or CCNP
- Previous experience in Healthcare is a plus.
- Relevant tool experience should include security reporting and auditing, vulnerability scanners, DLP and data classification tools. Monitoring and alerting tools experience.
- Strong written and verbal communication skills. Specific relevant experience may include technical reports, technical white papers, presentation development and delivery, technical training, etc. Candidate should have experience making and defending sound technical arguments that incorporate relevant technical and business considerations, and building consensus among stakeholders.
- Experience in server OS, Database technologies, AD, networking technologies, and monitoring and alerting tools required. Experience in implementation of auditing and security controls, DLP, virtualization, identity and access management and encryption technologies strongly preferred.

IF THIS SOUNDS LIKE YOU, APPLY NOW!

RECRUITER: Lori Sklarski

Yoh, a DayJ2W: ENG

Tax Term: CON_W2J2WBRNY

Ref:

Branch: IT & Telecom