Baptist Health is the largest healthcare system serving central Alabama, providing comprehensive hospital-based and outpatient services to nearly 60 percent of the residents in Montgomery, Autauga and Elmore counties. To learn more about Baptist Health, visit us at https\://www.baptistfirst.org.
The Information Security Engineer I shall be responsible for deploying and managing strategic security technologies and applications to protect Baptist Health's data, systems, network, and patients. This individual's work shall include administration of technologies such as EDR, NDR, IDS/IPS, SIEM, NAC, IAM/IGA, firewall, vulnerability management tools, monitoring of network telemetry for anomalies, responding to cyber events, and assisting with enforcement of information security policies and managing risk. This position may have additional duties assigned as needed.
- High School diploma or equivalent required.
- Bachelor's degree in Computer Science, Information Systems or related field (or equivalent combination of education and work experience) preferred.
- Basic knowledge and understanding of Information Technology/Security best practices required.
- Experience managing desktop security, including patching, vulnerability management, antivirus, etc. required.
- Experience in Information Technology, Information Security, or comparable role preferred.
- Experience using modern information security tools and tactics such as EDR, XDR, NDR, SIEM, IDS/IPS, DF/IR, Vulnerability Management preferred.
- Experience in healthcare or related industry preferred.
- Continuous active engagement with Information Technology/Security self-education platforms preferred.
- License / Certification\: CompTIA Security+ required (or the ability obtain within 6 months of hire).
- GIAC Certified Incident Handler (GCIH) required (or the ability to obtain within 9 months of hire).
- Additional industry recognized Information Technology or Information Security certification preferred (GIAC, INE, Cisco, CompTIA, Microsoft, ISACA, etc.)
- Basic understanding of TCP/IP networking.
- Basic understanding of Windows and/or Linux desktop and server operating system administration.
- Basic understanding of server, desktop, and application virtualization.
- Ability to resolve complex technical problems in a timely manner.
- Ability to research, analyze and implement security-related solutions to business issues.
- Ability to work well independently and as part of a team.
- Ability to establish and maintain effective working relationships with managers, co-workers, customers, and partners.
- Ability to communicate and exchange information with others clearly and concisely.
- Ability to manage priorities and meet deadlines when work speed and sustained accuracy are critical.
- Ability to provide off-hours operational support when necessary and participate in a scheduled on-call rotation.
- Ability to provide exceptional support to internal and external customers.
- (Preferred) Working understanding of Active Directory
- (Preferred) Working understanding of network technology administration (switches, firewalls, wireless).
- (Preferred) Familiarity with one or more cybersecurity standards and frameworks, like NIST, COBIT, ISO 27001, etc.