Information Security Engineer

We offer remote work opportunities (AK, AR, AZ, CO, FL, HI, IA, ID, IL, KS, LA, MD, MN, MO, MT, NE, NV, NM, NC, ND, OK, OR, SC, SD, TN, TX, UT, VA/DC, WA, WI & WY only).

Our Department of Defense contract requires ship and a favorably adjudicated DOD background investigation for this position.

Veterans, Reservists, Guardsmen and military family members are encouraged to apply!

Job Summary

Information Security Engineers play a crucial role in safeguarding an organization's digital assets. The responsibilities include designing and implementing security measures to protect systems, networks, and data from cyber threats. Conduct risk assessments, vulnerability analyses, and penetration testing to identify and mitigate potential security risks. Professionals are skilled in areas such as encryption technologies, network security protocols, and incident response. Validate compliance with security standards and regulations for a secure IT environment.

Education & Experience

Required:

High School Diploma or GED
U.S. Citizenship
Must be able to receive a favorable Interim and adjudicated final Department of Defense (DoD) background investigation
3-5+ years of experience in information security involving the implementation and administration of security requirements and security technologies
2+ years of experience designing, and supporting security in Microsoft Azure, including the use of native tools
Strong understanding of cloud security best practices, encryption, authentication, authorization, and audit capabilities
Strong oral and written communications skills that demonstrate a professional demeanor and the ability to interact with a variety of cross-functional roles with occasional executive presence
Strong understanding of threats, vulnerabilities, and exploits common to cloud applications or environments and experience implementing controls to mitigate those threats

Preferred:

Bachelor's degree in computer science, Computer Information Systems, Criminal Justice or Business
Relevant DoD Approved 8570 Certification (e.g., CISSP, SSCP)
Direct technical experience in building, conducting and performing penetration testing, audits and assurance programs in compliance with FISMA Moderate/High, HITRUST, URAC and/or similar data security requirements
One of the following ServiceNow GRC, CyberArk, SailPoint, MathCraft, Purview, or Splunk
Python Scripting

Key Responsibilities

Evaluates and implements security controls to meet or exceed the Federal Information Security Management Act (FISMA), the National Institute of Standards and Technology (NIST) and the Federal Information Processing Standards (FIPS) in "high" information classification boundary.
Implements Information Security Technology, Physical Security Controls and Federal data security requirements.
Proactively plans security systems by evaluating network and security technologies; develops requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security, network devices and workstations; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to federal and industry standards.
Plans delivery of solutions; answers technical and procedural questions from less experienced team members; teaches improvement processes; mentors team members and provides security technical leadership to other Information Security and Information Technology team members.
Determines security requirements by evaluating business strategies and requirements; researches information security standards; conducts system security and vulnerability analyses and risk assessments; studies architecture/platform; identifies integration issues; prepares cost estimates for review by Manager, Information Systems Security.
Verifies security control compliance by developing, implementing and maintaining test scripts.
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducts incident response analyses; in collaboration with Training department, develops and conducts security education and training programs.
Upgrades security systems by monitoring security environment; identifies security gaps; evaluates and implements enhancements.
Prepares system security reports by collecting, analyzing, and summarizing data and trends.
Tracks and understands emerging security practices and standards; participates in educational opportunities; reads professional publications; maintains personal networks; participates in professional organizations.

.:

Authors security system and application processes for both operation and management, including as-build service configuration documents.
Performs detailed and routine assessment to ensure use of established security policies, practices and expectations across all platforms, operating systems and applications.
Drafts and recommends changes to Security Policy, Procedures, Standards and Guidelines to meet or exceed corporate or contractual security requirements.
Conducts network/system forensics and traffic analysis using protocol and intrusion detection analyzers.
Prepares system security reports by collecting, analyzing, and summarizing data and trends.
Accepts ownership for accomplishing new and different requests; explores opportunities to add value to job accomplishments.
Performs other duties as assigned.
Regular and reliable attendance and on call availability is required.

Competencies

Communication / People Skills: Ability to influence or persuade others under positive or negative circumstances; adapt to different styles; listen critically; collaborate.

Computer Literacy: Ability to function in a multi-system Microsoft environment using Word, Outlook, TriWest Intranet, the Internet, and department software applications.

Creativity / Innovation: Ability to develop unique and novel solutions to problems; view change as a necessity.

Empathy / Customer Service: Customer-focused behavior; helping approach, including listening skills, patience, respect, and empathy for another's position.

Information Management: Ability to manage large amounts of complex information easily, communicates clearly, and draws sound conclusions.

High Intensity Environment: Ability to function in a fast-paced environment with multiple activities occurring simultaneously while maintaining focus and control of workflow.

Multi-Tasking / Time Management: Prioritize and manage actions to meet changing deadlines and requirements within a high volume, high stress environment.

Organizational Skills: Ability to organize people or tasks, adjust to priorities, learn systems, within time constraints and with available resources; detail-oriented.

Problem Solving / Analysis: Ability to solve problems through systematic analysis of processes with sound judgment; has a realistic understanding of relevant issues.

Technical Skills: Conceptual and intimate knowledge of all information security tools, i.e., intrusion prevention, vulnerability scanning, syslog, firewall policies, reverse proxy, authentication.

Working Conditions

Working Conditions:

Limited infrequent travel may be required to TriWest remote locations to present security awareness material or to assess information security posture
Act as a primary point of contact for all information security related incidents requiring consultation or response, 24 hour accessibility
Provide high level of customer service to employees, business leadership and IT
Work in a cubed office environment with multiple computers and monitors
Heavy computer usage and documentation review
Extensive computer work with prolonged sitting
Requires successful completion of a background check

Company Overview

Taking Care of Our Nation's Heroes.

It's Who We Are. It's What We Do.

Do you have a passion for serving those who served?

Join the TriWest Healthcare Alliance Team! We're On a Mission to Serve !

Our job is to make sure that America's heroes get connected to health care in the community.

At TriWest Healthcare Alliance, we've proudly been on that important mission since 1996.

Benefits

We're more than just a health care company. We're passionate about serving others! We believe in rewarding loyal, hard-working people who are willing to learn as they grow. TriWest Healthcare Alliance values teamwork. Join our team, fulfill your responsibilities, and you may also be considered for frequent pay raises, overtime opportunities to earn even more, recognition and reward programs, and much more. Of course, we also offer a comprehensive and progressive compensation and benefits package that includes:

• Medical, Dental and Vision Coverage
• Generous paid time off
• 401(k) Retirement Savings Plan (with matching)
• Short-term and long-term disability, basic life, and accidental death and dismemberment insurance
• Tuition reimbursement
• Paid volunteer time

TriWest job postings typically include a salary range, which can vary based on the specific role and location, but generally this position ranges from around $95,000 - $116,000 per year.

Equal Employment Opportunity

TriWest Healthcare Alliance is an equal employment opportunity employer. We are proud to have an inclusive work environment and know that a diverse team is a strength that will drive our success. To that end, TriWest strives to create an inclusive environment that supports diversity at every organizational level, and we highly encourage candidates from all backgrounds to apply. Applicants are considered for positions based on merit and without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or any other consideration made unlawful by applicable federal, state, or local laws.