Cybersecurity Engineer
Company: American Heart Association
Location: Louisville
Posted on: March 21, 2023
|
|
Job Description:
Overview
Now is the time to join an organization that enables you to be a
relentless force for a world of longer, healthier lives. Here at
the American Heart Association, you matter and so does your
career!
The American Heart Association has an excellent opportunity for a
The Cybersecurity Engineer.
The Cybersecurity Engineer is responsible for coordinating
DevSecOps in support of users of the Association's data networks
and application development teams. Responsible for providing
technical input for projects related to these environments.
Responsible for planning, implementing, maintaining, and
supervising the Association's security controls, practices and
infrastructure. Also responsible for contributing to configuration
management, change control, and reporting
The American Heart Association offers programs to help you maintain
work/life satisfaction according to your changing needs and life
situations. To help you be successful, you will have access to
Heart U, our award-winning corporate university as well as various
other training and support mechanisms locally and through our
National Center.
#TheAHALife is our company culture, our way of life, reflecting our
diversity and inclusion, our focus on work-life satisfaction, and
our Guiding Values - Check out this hashtag on Facebook, Instagram,
and Twitter today!
#AHAIND1
Responsibilities
Essential Job Duties:
Assesses vulnerabilities and threats to the Association's data
networks, evaluates available security processes and technologies,
and make recommendations to management and business partners for
reducing the issues and increasing security in an appropriate and
efficient manner.
Knowledge of DevOps practices and ability to champion security
first, DevSecOps culture and practices
Knowledge of Threat Modeling methodologies or performing
Architecture Risk Analysis
Ability to decompose applications and system designs in hybrid
cloud architectures to identify potential threats
Security technologies may include but are not limited to: Data Loss
Prevention (DLP), Security Incident Event Management (SIEM), User
Behavior Analytics, Host Intrusion Prevention (HIPS) and Web/Email
Gateway
Act as internal DevSecOps evangelist; demonstrating the benefits of
embedding security and compliance to DevOps
Develop procedures to automate security and compliance checks
during code builds and deployments, using not limited to DAST,
SAST, SCA, API Gateways, RASP and Secrets Management
Developed automated orchestration routines to ensure ongoing
protection of cloud services,
Support configuration management, quality assurance, and
cybersecurity throughout the release cycle in an DevSecOps Agile
environment
Work with all software and web development teams to ensure sound
security practices and security is crafted and built into the
applications from the ground up
Self-motivated and fully responsible for leading technology
deliverables, analyzing gaps and driving improvements to
cyber-deterrence capabilities,
Craft and develop solutions to integrate systems across the network
to improve inter-operation as well as to continuously verify
systems configuration against baselines,
Identify, select, and deploy emerging cloud and hybrid cloud
security services across cloud services,
Implements and maintains configuration management and change
control practices for security and other network administrative
functions. Participates in and contributes to identification of
security tools and network systems; long-range network planning;
business continuity planning, implementation, and disaster
exercises in support of the network infrastructure. May craft or
initiate development of security architecture.
Implements and coordinates programs, processes, and procedures
related to anti-virus protection and other activities related to
the protection of systems from intentional or inadvertent access or
destruction.
Monitors and coordinates a Network Intrusion Prevention system
(IPS) for National Center and the Association's secondary data
center location and provides technical leadership for technical
staff ensuring the Association's network is adequately secured.
Collaborates with the Business Technology team to deliver a secure,
reliable infrastructure environment, including network support for
the National Center Data Center. Identifies technology
opportunities and common issues or trends.
Recommends and implements the processes and vendor relationships
associated with internet monitoring and intrusion detection.
Evaluates and reports on the efficiency of internet security. Makes
recommendations to management for appropriate improvements.
Participates, and contributes to technology projects as assigned.
Performs other network administration duties as assigned and
participates in day-to-day network operations and technical support
issue resolutions.
Support vulnerability management program for different domains
including application, network, server and infrastructure.
Qualifications
Minimum Requirements:
Bachelor's Degree or equivalent work experience and or Professional
License/Specialized Training
5 to 8 years (senior) work experience
Demonstrable experience working with configuration
management/automation tools such as AWS CloudFormation, Ansible,
Puppet, Saltstack, Rundeck
AWS Infrastructure and Platform service offerings (VPC, EC2, EBS,
ELB, S3, and RDS
Operational tools on AWS and Azure such as Splunk, Crowdstrike,
FalconOne, Deep Security, CyberArk
Supervising systems and frameworks (CloudWatch/CloudTrail, Nagios,
Zabbix, Ganglia, Grafana, ELK)
NESSUS and WebInspect, SAST, DAST tools
Web Application Firewalls, API Gateways, Code Repositories
Experienced in Infrastructure monitoring & debugging
Proven written and verbal communication skills
Experience in information security systems, analysis, or
engineering
Experience implementing and supporting enterprise security
infrastructure and solutions including but not limited to
firewalls, IDS, IPS and VPN
Experience with network monitoring, management and diagnostic
tools
Experience in LAN/WAN technologies with focus in Cisco routers,
switches, access wireless points, network monitoring, and network
operations or similar technology position is required.
Proven ability to analyze application, server, network and security
solutions
Troubleshooting skills for sophisticated technical environment
Travel required (5% overnight and local/daily)
Compensation & Benefits
The American Heart Association invests in its people. Here are the
main components of our total rewards package. Visit Rewards &
Benefits to see more details.
Compensation - Our goal is to ensure you have a competitive base
salary. That's why we regularly review the market value of jobs and
make adjustments, as needed.
Performance and Recognition - You are rewarded for achieving
success by merit increases and incentive programs, based on the
type of position.
Benefits - We offer a wide array of benefits including medical,
dental, vision, disability, and life insurance, along with a robust
retirement program that includes an employer match and automatic
contribution. As a mark of our commitment to employee well-being,
we also offer an employee assistance program, employee wellness
program and telemedicine, and medical consultation.
Professional Development - You can join one of our many Employee
Resource Groups (ERG) or be a mentor/mentee in our professional
mentoring program. HeartU is the Association's national online
university, with more than 100,000 resources designed to meet your
needs and busy schedule.
Work-Life Harmonization - The Association offers Paid Time Off
(PTO) at a minimum of 16 days per year for new employees. The
number of days will increase based on seniority level. You will
also have a total of 12 paid holidays off each year, which includes
several days off at the end of the year.
Tuition Assistance - We support the career development of all
employees. This program provides financial assistance to employees
who wish to further their education and career in relation to their
current duties and responsibilities, or for potential future
positions in the organization.
The American Heart Association's 2024 Goal: Every person deserves
the opportunity for a full, healthy life. As champions for health
equity, by 2024, the American Heart Association will advance
cardiovascular health for all, including identifying and removing
barriers to health care access and quality.
At American Heart Association - American Stroke Association,
diversity, inclusion, and equal opportunity applies to both our
workforce and the communities we serve as it relates to heart
health and stroke prevention.
This position not a match with your skills? Click here to see other
opportunities.
EOE/Protected Veterans/Persons with Disabilities
Location US-TX-Dallas
Posted Date 5 months ago (10/26/2022 5:38 PM)
Requisition ID 2022-9244
Job Category Information Technology
Additional Locations Diversity Distribution US - Top 57
Position Type Full Time
Location: KY-Louisville
Keywords: American Heart Association, Louisville , Cybersecurity Engineer, Engineering , Louisville, Kentucky
Click
here to apply!
|