What are the responsibilities and job description for the Cybersecurity Engineer - Intermediate position at Atrium Health?
Overview
Job Summary
Under general supervision oversees overall security posture and risk management program as it applies to our computing environment for on-premises and cloud-based solutions.
Essential Functions
- Works independently or with other Cybersecurity Engineers to maintain & implement cybersecurity systems.
- Maintains confidentiality, integrity, and availability of the computing environment and enforces the Acceptable Use Policy.
- Participates in incident response as directed by management.
- Understands what is allowed by policy, how to apply basic security controls, and provides guidance to Associates.
- Monitors multiple cybersecurity systems, solutions, or services and identifies potential issues for additional review and recommends potential resolutions while also assisting Associates.
- Adheres to the confidentiality of investigations, incidents, and forensics reviews.
- Manages cybersecurity projects with minor guidance and provides reporting to management. In some cases, ability to lead cybersecurity projects with autonomy. These may include anti-phishing testing, firewall changes, vulnerability review coordination, and other projects defined by management.
- Provides cybersecurity training and performs presentations to medium size audiences of less than 100 people on cybersecurity topics.
- Works with sensitive information and engages with Enterprise Privacy, the Legal Department, and law enforcement, where directed by leadership.
Physical Requirements
Must be available for callback support on a regular basis including travel to facilities and data centers located in various states. Ability to sit for extended periods of time. Ability to lift and carry objects up to 40 pounds. Extensive evening and weekend hours may be required during incidents, major project go-lives, or during downtimes.
Education, Experience and Certifications
Bachelor’s degree preferred. 3 years relevant IS experience required with 2 years of Cybersecurity experience preferred. Security certification (Security or equivalent) preferred. General understanding of HIPAA requirements and Payment Card Industry Data Security Standards required. General knowledge of most cybersecurity information security controls, infrastructure and implementation techniques and can support the organization with supervision required. Ability to work individually or within a group setting. Excellent oral and written communication skills.