Hi
Please find the requirement below and let me know if you are interested.
Job title: Cyber Security Engineer
Location: Remote
Duration: Contract
KEY RESPONSIBILITIES
- This role may mentor and coach more junior team members while also providing guidance and support in their professional development and daily tasks.
- Work within our security team to develop, engineer, and maintain comprehensive security solutions for Evergreen’s Azure and Office 365 environments. This includes protecting sensitive data, PII, and PHI in strict compliance with HIPAA and HITRUST regulations.
- Lead the strategy and ongoing enhancement of the configuration and management of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions.
- Develop and harmonize sustainable security strategies that significantly strengthen Evergreen’s overall security posture and ensure compliance with all relevant regulatory and industry requirements, leveraging in-depth expertise in the features and functionalities of Microsoft 365 security solutions, including but not limited to Entra, Defender XDR, Defender for Cloud Apps, Purview, Defender for Endpoints, and Information Protection and Governance.
- Implement and manage a comprehensive suite of technical security controls and tools, including but not limited to Azure monitoring and alerts, endpoint protection, firewalls, routers, switches, Azure AD, group policies, and conditional access policies. Ensure that proper monitoring, logging, and automated notification mechanisms are in place for all critical systems, applications, network devices, and processes.
- Continuously monitor Evergreen's cloud environments for security threats and vulnerabilities. Promptly respond to and remediate any incidents, minimizing potential impact and ensuring the ongoing security and integrity of Evergreen’s information systems and assets.
- Collaborate with the Security Team and Sr. Information Security Director to develop incident response playbooks. Ensure that these playbooks provide clear guidance for properly investigating, documenting, and resolving security incidents.
- Take a proactive role in all phases of security incident response activities, including triage, containment, eradication, and recovery, when necessary.
- Collaborate closely with the Sr. Director of Information Security and key business units to develop and maintain a comprehensive Data Loss Prevention (DLP) strategy. This strategy must provide robust protection against unauthorized access or exfiltration of PII, ePHI, and other sensitive business information without hindering Evergreen’s ability to conduct day-to-day operations.
- Develop and implement standardized, secure configurations for all endpoints, network devices, and applications. Ensure that unnecessary ports, services, and features are properly disabled or removed before deployment to production environments.
- Ensure that all security tools, including but not limited to Zscaler, SentinelOne, SIEM, O365, Abnormal, and Absolute, are properly configured and aligned with the policies and standards outlined in Evergreen's Information Security Policy.
- Perform periodic vulnerability scans to ensure all endpoints, firewalls, and network devices are running the latest security patches. Prioritize the remediation of high and critical vulnerabilities within acceptable remediation timelines. Confirm that default-deny rules are in place, allowing traffic only for the necessary services and ports that have been explicitly approved. Ensure that all configuration changes are properly documented, reviewed, and approved through Evergreen's formal change control process.
- Develop well-informed security recommendations and solutions in collaboration with the Sr. Director of Information Security, key stakeholders and business units.
- Work closely with the Sr. Director of Information Security to pinpoint security loopholes, vulnerabilities, inefficiencies, and areas for enhancement. Integrate advanced security tools, AI, and automation strategies to enhance Evergreen's ability to effectively detect, respond, and recover from security incidents.
- Collaborate with the Sr. Director of Information Security to make strategic decisions regarding the procurement, consolidation, and implementation of new security tools and technologies. Conduct thorough proof-of-concept evaluations to ensure selected solutions effectively address Evergreen's security requirements and integrate seamlessly with existing infrastructure.
- Develop, maintain, and regularly update all relevant documentation, including security policies, procedures, standards, and diagrams. Ensure that all documentation is stored in a secure, centralized repository, with proper version control and easy accessibility for authorized team members.
- Proactively stay informed about the latest security threats, vulnerabilities, and industry trends. Leverage this knowledge to identify, recommend, and implement improvements to Evergreen's security strategy and operations.
WHO YOU ARE:
As a Senior Cybersecurity Engineer, you excel in a dynamic, fast-paced environment where priorities can change rapidly. You possess an ownership mentality, taking full responsibility for your role and deliverables while guiding and mentoring junior team members. Your exceptional communication skills enable you to articulate ideas clearly and inclusively. You thrive in collaborative settings, leveraging diverse perspectives to solve complex problems. Your expertise in applying security solutions that align with Evergreen’s mission and objectives distinguishes you as a leader, setting a strong example for your team.
REQUIREMENTS
- Demonstrated ability to lead and mentor security team members, fostering continuous improvement and collaboration
- Highly entrepreneurial spirit with a "make it happen" attitude
- High degree of emotional intelligence, competence, maturity, adaptability, resilience, integrity, and initiative
- Exceptional interpersonal skills and the ability to collaborate effectively with executives, managers, and team members across various departments, fostering a positive and productive work environment
- Ability to communicate a security strategy to both technical and non-technical audiences
- Vibrant personality willing to contribute to a fun work atmosphere
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field
- A minimum of 5-7 years of experience in cybersecurity is preferred
- Proven understanding of healthcare privacy and security practices, with knowledge of regulations such as HIPAA, HITECH, HITRUST, NIST, and PCI DSS (ideal)
- Certification in one or more of the following: CompTIA Sec+, CYSA, CEH, CISSP, CISM, CISA, CCSP, Azure Fundamentals, GCIH, GCFA
- Strong technical foundation in security technologies and tools, such as DLP, SIEM, Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions, Azure Cloud Security, Intune, Defender, Entra, Conditional Access Policies, and Endpoint Controls, with the ability to design, implement, and manage robust security solutions
- Demonstrated proficiency in leveraging the security capabilities of Microsoft Azure and Office 365 to protect sensitive data, ensure compliance, and mitigate risks
- Knowledge of cybersecurity frameworks such as NIST, HITRUST, CIS, HIPAA, PCI
- Experience creating scripts and automating processes
- Strong incident response skills, including computer intrusion investigations and digital forensics in enterprise environments
- Excellent organization, planning, time management, project coordination, and project management skills
- Strong analytical and problem-solving skills
Looking forward to hearing from you and working with you soon.
Thanks & Regards
Ashok Reddy
Sr US IT Recruiter
SAR TECH LLC