IT Principal Security Engineer - Remote - Military veterans preferred

Location:
Req Number: Req #1038
Date Posted: Monday, May 13, 2024

Paradigm is an accountable specialty care management organization focused on improving the lives of people with complex injuries and diagnoses. The company has been a pioneer in value-based care since 1991 and has an exceptional track record of generating the very best outcomes for patients, payers, and providers. Deep clinical expertise is the foundation for every part of Paradigm’s business: risk-based clinical solutions, case management, specialty networks, home health, shared decision support, and payment integrity programs.

We are seeking a full-time, remote IT Principal Security Engineer. This position performs information security engineering, administrator, and support functions. Experience in network and endpoint threat analysis, incident response, and threat hunting methodologies. Well-rounded background in endpoint/network security defenses as well as some offensive security knowledge to allow the ability to think as an adversary. This role will work with other Security analyst and engineers to understand the broader security protection levels throughout the organization, identify security gaps, and partner with others on the team to develop strategies to enhance controls, assess new security technologies, deploy, and configure new security technologies, along with regularly reviewing controls of existing security technologies. This role will contribute to the security incident response process to assess the risk, impact, and scope of identified threats, as well as having or developing the ability to lead security incident response efforts to include containment, eradication, and recovery.

RESPONSIBILITIES:

• Responsible for engineering, deploying, and administrating information security solutions (hardware, software, policies, and procedures).
• Evaluate Paradigm’s existing defenses relative to current threats, regulatory requirements, contractual requirements, and industry practices, and recommend and/or implement changes as appropriate.
• Understand business needs for data transfer and system access and evaluate solutions to meet those needs in a secure fashion and recommend and/or implement changes as appropriate.
• Perform system administration on security-related systems, including user account administration, product updates, log file maintenance, etc.
• Evaluate, test, and deploy new Security technology as needed to include testing and integration to ensure that all software and hardware operate properly together.
• Lead efforts in the development of Cyber Threat Use Cases (actionable alerting/reporting), to include development of test cases and response plans for each Use Case.
• Provide support and assist in the training/mentoring of junior security staff to increase their understanding of complex security analysis methodologies and issues.
• Collaboratively participate in threat research, analysis, correlation, and development of original intelligence to enable predictive and actionable reporting.
• Ensure thorough and accurate reporting during and concluding a security incident through strong verbal and written communication.
• Perform threat hunting efforts, focused primarily on identifying advanced threats that are not detected via traditional security tools.
• Provide awareness to internal teams and leadership on changes to the security threat landscape through various intelligence collections.
• Publish internal threat intelligence products and intelligence briefings to provide actionable information to tactical and strategic stakeholders.
• Establish close relationships with business stakeholders outside of the security team.
• Create and maintain detailed documentation.

QUALIFICATIONS:

• Minimum 2+ years of experience in Information Security
• Minimum 2+ years of Security Information and Event Management (SIEM) experience.
• Minimum 2+ years of experience with network security, endpoint security, or security threat vectors.
• Minimum 2+ years of security incident response experience.
• Excellent interpersonal skills.
• Ability to manage complex issues and develop solutions.
• Detail-oriented, excellent communication (oral and written), interpersonal, organizational, and presentation skills.
• Ability to execute in a fast paced, high demand, environment while balancing multiple priorities.
• Strong understanding of attacker tools, techniques, and methodologies. Ability to gather and act on cyber threat intelligence.
• Programming or scripting experience a plus.
• Strong collaborative skills and proven ability to work in a diverse team of security professionals.
• Certifications preferred in one or more of the following:
• Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc.), GIAC Cyber Threat Intelligence (GCTI), or other relevant certifications.

Paradigm believes that fostering a diverse and inclusive workplace is central to our mission of helping more people and transforming lives. We’re striving to build a culture that better reflects the society we live in and empowers our team to deliver the highest levels of compassion and care to those we serve. For us, achieving this goal requires a workforce that respectfully embraces differences and commits to positive change, creating an environment where everyone is able to bring their whole self to work.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

Other details

Job Family Active
Pay Type Salary
Min Hiring Rate $101,400.00
Max Hiring Rate $172,500.00

PI240873939