Summary

The Cybersecurity Remediation Engineer works with the Information Security Officer (ISO), Senior Manager Technology Services and the technical teams on the discovery, prioritization, planning, and remediation of identified security threats and vulnerabilities.

 

Essential Duties and Responsibilities

This is a hybrid position with cybersecurity and IT responsibilities Continually monitor and stay abreast of current threats to the environment, neutralize active threats through hands-on remediation, and identify preventive measures to reduce the risk of security incidents Work with Ellis Medicine ISO, and the Senior Manager Technology Services to perform essential job duties and provide insight into active threats and improvements to security posture elements Audit configurations on IT systems and advise towards a security baseline Work with technical teams to identify proper vulnerability remediation procedures Document work plans for the remediation efforts using enterprise ticketing, change control, cybersecurity systems, MS Office suite, Visio Maintain compliance with all company procedures Perform related duties as assigned by supervisor Will participate in the rotating 24/7 on call support system

 

Qualifications

Education and Certifications Bachelor’s degree in computer engineering or cyber security and 2 years experience supporting infrastructure systems. (Microsoft and Linux servers, storage systems, networking equipment, SQL, Hypervisors, etc.) Or an Associate's degree in computer engineering or Cyber security and  4 years experience supporting infrastructure systems. (Microsoft and Linux servers, storage systems, networking equipment, SQL, Hypervisors, etc.) Certifications may be considered in lieu of education, such as: A+, Net+, Server+, Security+, CCNA, CCST, etc. Additional experience may be considered Display a strong grasp of key security and IT concepts Networking: LANs, VLANs, trunks, spanning tree, IP subnetting, routing protocols, SDWAN, SASE, enterprise wireless, packet traces Cloud Concepts: SaaS, IaaS, PaaS, hybrid, on premises Cybersecurity Principles: defense in depth, least privilege, CIA triad Cybersecurity Technology: NAC systems, next-generation firewalls, VPNs, micro segmentation, IAM, vulnerability management, encryption Cybersecurity Frameworks: NIST CSF, CIS Critical Controls, HIPAA IT principles: High availability, clustering, failover, single point of failure, dynamic routing, classification, tagging Server and Compute: Client Server, virtualization, clustering, failover, backups, imaging Experience working with a majority of the following Cisco, HP Aruba, or Arista switches Cisco, Fortinet, or Palo Alto firewalls Cisco, HP Aruba, or Arista wireless networks Desktop and application virtualization Microsoft365 Admin Tools such as: Security, Exchange, Teams, and Entra Data classification tools Vulnerability scanning tools Next-Generation EDR AD audit tools Security logging and monitoring tools Responsibilities include Security logs and correlation EDR Threat correlation and hunting Vulnerability management Configuration auditing against security baseline Microsoft DHCP, DNS, AD, and Microsoft365 Cisco networking such as VLANs, trunks, subnets, spanning tree, routing Server virtualization Backups Document processes and procedures Additional Ability to work independently and to carry out assignments to completion within parameters of instruction given, prescribed routines and standard accepted practices Experience working within an enterprise change control process. Must be able to work under pressure and meet deadlines, while maintaining a professional attitude and providing exemplary customer service Strong analytical/problem-solving skills Articulate verbal and written communication skills Computer Proficiency in MS Office Suite Ability to create legible Visio diagrams of IT and security systems

 

Physical Requirements

Ability to safely and successfully perform the essential job functions consistent with the ADA, FMLA and other federal, state and local standards.