Job Description

Location: Seattle (100% remote)
Local WA residence preferred

We are seeking a highly skilled Senior Information Security Engineer to join our team in the Health Insurance industry. The ideal candidate will have extensive experience with NIST Cybersecurity Framework (CSF), AZURE, and CrowdStrike Falcon Complete MDR and SIEM. This role involves ensuring the security and integrity of our information systems, managing security incidents, and maintaining compliance with industry standards.

Essential functions and Roles and Responsibilities:

Job Functions:
Security Management:
Identifies gaps and recommends security improvements for Networks, Servers, Endpoints, Applications, Identity, Cloud and multiple vendor cyber security technologies.
Compliance:
Implement and maintain security standards and regulations such as NIST CSF, CISA, HIPAA and other frameworks.
Incident Response:
Operate security tools and technologies, including CrowdStrike Falcon Complete, to detect, respond to, and mitigate security incidents.
Operates Technologies:
Oversees the operation and management of assigned information security technologies, vendors, tools, processes.
Risk Assessment:
Conduct risk assessments and vulnerability management to identify and address potential security threats.
Policy Development:
Develop, document, and maintain security policies, procedures, runbooks, metrics, reports, and best practices.
Collaboration:
Work closely with IT and other departments to ensure security measures are integrated into all aspects of the organization.
 
Knowledge, Skills, and Abilities:

Skills Required:
Technical Proficiency:
Strong knowledge of NIST CSF, CrowdStrike Falcon Complete, and other security tools and technologies preferred (Illumio, Egnyte, Rapid7 InsightVM, ProofPoint, AlienVault, Thycotic Secret Server)
Analytical Skills: Ability to conduct thorough risk assessments and analyze security incidents.
Communication:
Excellent verbal and written communication skills to effectively convey security concepts to both technical and non-technical audiences.
Problem-Solving: Strong problem-solving skills to identify and mitigate security threats.
Team Collaboration:
Ability to work collaboratively with cross-functional teams.

Experience Required:
Education: Bachelor's degree in Computer Science, Information Systems, or a related field.
Experience:
Minimum of 5 years of experience in information security

Certifications:
Relevant certifications such as CISSP, CISM, or equivalent are preferred or obtained during employment
Industry Knowledge:
Experience in the Health Insurance industry and HIPAA is highly desirable.