MultiPlan Information Security Engineer in New York, New York
Information Security Engineer
Imagine a workplace that encourages you to interpret, innovate and inspire. Our employees do just that by helping healthcare payers manage the cost of care, improve competitiveness and inspire positive change. You can be part of an established company with a 40-year legacy that helps our customers thrive by interpreting our client's needs and tailoring innovative healthcare cost management solutions.
Our commitment to diversity, inclusion and belonging are part of the fabric of our company.We strive to create a workplace that fosters mutual respect and collaboration, where every talented individual can participate and perform their best work.We are MultiPlan and we are where bright people come to shine!
Please note: Our offices are currently closed due to the pandemic.If offered the position you would start by working from your home.However, when we fully reopen later this year this would transition to working from either our Naperville, IL, Bedford, MA, Irving, TX or New York City offices.
This position supports the Information Security Group in assuring that the corporate network, as well as (external) services are secure from external (cyber) attacks and leakage of information to the outside world. This is a highly specialized technical role requiring hands on support of the security operations function of the network and system infrastructure. This position will carry out technical operational processes surrounding vulnerability assessment/management, event monitoring/correlation, intrusion detection and prevention, investigations, security awareness, incident response, and cyber security.
Your specific job duties will include:
1.Design, implement and maintain technical security programs including but not limited to Vulnerability and Threat Management, Data Loss Prevention, Security Event Monitoring and Response.
2.Ensure security of the IT infrastructure, conduct periodic reviews of user IDs, protect the confidentiality and integrity of information, maintain the technical mechanisms and corresponding legitimate access, and comply with all relevant internal control processes as well as IT Security and Privacy Laws and Regulations.
3.Utilize third party tools to participate in the performance of internal and external penetration testing to identify and address information system security vulnerability.
4.Serve as a cyber-security subject matter expert to support cyber-risk analysis programs through the execution, analysis, and documentation of cyber-security surveys and risk-assessments.
5.Aid in the development and maintenance of relationships with various business functions including but not limited to internal audit and third party auditors. Participate in Information Security Group initiated audits and reviews of assigned business processes to evaluate adequacy of controls within IT.
6.Lead and monitorthe execution of infrastructure security processes and ensure secure user access.Oversee support, security and troubleshooting for:
a.Corporate event logging appliances and software.
b.Access security badge keycard systems.
c.Closed circuit cameras and digital video recorders.
d.Cisco IDS sensors and firewall.
8.Oversee the development and maintenance of IT Policies and Procedures with the various process owners, and publish the latest versions on our intranet web site.
9.Identify, collaborate, coordinate and communicate opportunities for strengthening IT security throughout the company. Organize and coordinate Vulnerability Management process in all platforms.
10. Ensure compliance with HIPAA, SOX, HITRUST, and SOC1/2 regulations and requirements.
11. Demonstrate Company's Core Competencies and values held within.
12. The position responsibilities outlined above are in no way to be construed as all encompassing.Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
This role works under minimal supervision and exercises discretion when making decisions related to job responsibilities. The incumbent relies on varied knowledge gained through previous experience with non-standard issues to review, analyze, and draw conclusions.One has authority to act on resolutions of extraordinary issues and provides input to how information is presented to the client and communicates results to Supervisor on a weekly basis.The impact on day-to-day operations focuses on operating decisions at the major project or functional level.Work will be subject to occasional review by Supervisor.The incumbent fields questions from a variety of sources both within and outside the Company.
\*Minimum Bachelor's degree in Computer Science, MIS, or related field coupled with a minimum of five (5) years' of global network security management experience and Network protocols and topologies; network security and overall system integration.Cross-platform technology experience is a plus.
\*CISSP or CISA certification is a plus.
\*Network certification is desirable.
\*Working knowledge of SIEM, IDS/IPS, Active Directory security, Database security, MS Windows and Unix/Linux Operating System security are required.
\*Knowledge, understanding and demonstrated expertise, in the following areas:
oNetwork Security Architecture, Firewalls, Routers and design techniques.
oFunctional security analysis at the enterprise level.
oDevelop, compile and present technical network and infrastructure security documents.
\*Working knowledge of the security surrounding Internet Protocol addresses and how to prevent their vulnerability is required.
\*Working knowledge of Vulnerability Management Program and solutions supporting the program.
\*Knowledge of:UNIX/Linux hardening; IPtables firewall; Host based intrusion detection; 2-factor authentication; ACLs; Selinux; Perl/ksh/python scripting; Methods of securing data transmission: openssl, stunnel, https, ssh, etc.; Centralized syslog server implementation and maintenance; Configuration management tools (puppet/chef/cfengine).
\*Communication (written, verbal and listening), technical, project management, problem solving, organizational, goal setting, mentoring, leadership and time management skills.
\*Ability to create an IDS and IPS policy preferred.
\*Ability to work with people and have ability to do presentation to midsize and large audiences.
\*Ability to use software, hardware, and peripherals related to job responsibilities, including MS Office.
\*Ability to maximize the use of the available technology, welcomes new technology, and stay abreast of the latest technologies.
\*Ability to interact with tact, persuasiveness, minimum deviation from standard routings or the making of incidental adjustments to facilitate delivery of services or work output.
\*Ability to travel as needed to Company locations and third party locations
\*Individual in this position must be able to work in a standard office environment which requires sitting and viewing monitor(s) for extended periods of time, operating standard office equipment such as, but not limited to, a keyboard, copier and telephone
We realize that our employees are instrumental to our success, and we reward them accordingly with very competitive compensation and benefits packages, an incentive bonus program, as well as recognition and awards programs. Our work environment is friendly and supportive, and we offer flexible schedules whenever possible, as well as a wide range of live and web-based professional development and educational programs to prepare you for advancement opportunities.
Your benefits will include:
\*Medical, dental, and vision coverage (low copay & deductible)
\*Short- and long-term disability
\*401(k) + match
\*Generous Paid Time Off
\*Paid company holidays
\*Flexible Spending Account
\*Employee Assistance Program
MultiPlan is an Equal Opportunity Employer and complies with all applicable laws and regulations. Qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status. If you'd like more information on your EEO rights under the law, please .
As an Equal Opportunity Employer, the Company will provide equal consideration to all employees and job candidates without regard to sex, age, race, marital status, sexual orientation, religion, national origin, citizenship status, physical or mental disability, political affiliation, service in the Armed Forces of the United States, or any other characteristic protected by federal, state, or local law. Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled