INFORMATION SECURITY ENGINEER ATTACK SURFACE MANAGEMENT

City/State:
Yonkers, New York
Grant Funded:
No
Department:
MIT - Information Security
Work Shift:
Day
Work Days:
MON-FRI
Scheduled Hours:
8:30 AM-5 PM
Scheduled Daily Hours:
7.5 HOURS
Pay Range:
$116,000.00-$145,000.00

An Attack Surface Management (ASM) Engineer performs the security efforts aimed at identifying, managing, and mitigating risks associated with Montefiore Einstein's entire attack surface. This role is crucial in safeguarding patient data, medical devices, and healthcare systems against cyber threats. The Engineer is responsible for executing processes related to device discovery, vulnerability management, and penetration testing services. They will also contribute to the tracking and communication of security metrics, helping the organization make informed decisions regarding it's security posture.

Key Responsibilities:

• Perform continuous device and asset discovery across the system, including IoT devices, medical equipment, and IT infrastructure.
• Collaborate with clinical engineering and IT teams to ensure comprehensive visibility into all connected devices.
• Leverage new and existing tools and processes to maintain an accurate inventory of devices and ensure real-time updates.
• Contribute to an enterprise-wide vulnerability management program to identify and remediate vulnerabilities in medical devices, networks, applications, and systems.
• Communicate with Product Owners and technology teams across the system to prioritize patching efforts based on risk to ensure critical assets are protected.
• Coordinate regular third-party penetration testing and assessment efforts, to identify vulnerabilities and weaknesses in medical devices, networks, applications, and systems.

• Manage penetration test schedules and remediation plans, to ensure vulnerabilities are effectively mitigated.
• Create reports for executive leadership detailing the outcomes of penetration tests and remediation strategies.
• Remain aware of vulnerability trends and emerging threats in the healthcare sector to proactively adjust defensive measures.

• Coordinate with SOC (Security Operations Center) teams in response to incidents based on identified vulnerabilities.

• Develop and refine standard operating procedures (SOPs) for device discovery, vulnerability management, and third-party penetration testing.
• Document clear and efficient workflows for responding to vulnerabilities.
• Work with architecture and engineering personnel to implement automation and orchestration solutions where appropriate to improve efficiency and reduce manual effort.

• Define and track key performance indicators (KPIs) and metrics for attack surface management, such as time to patch, vulnerability aging, and device risk scoring.
• Prepare summarized reports and dashboards for leadership, outlining the organization's attack surface management risk posture and provide recommendations to prioritize remediation initiatives.

• Collaborate with IT, clinical teams, and other departments to ensure cybersecurity measures are integrated into everyday operations without disrupting patient care.
• Manage vendor relationships related to security solutions, testing services, and consulting engagements.
• Maintain security tools and services ensuring continued uptime and efficient execution of scanning activities.
• Work with DevOps, cloud, and IT infrastructure teams to incorporate secure development practices and vulnerability remediation into their workflows.

Common Technologies & Products:

The Attack Surface Management Engineer is expected to have familiarity with leading commercial and open-source tools commonly used across the security industry.

Education & Experience:

Required:

• Bachelor's degree or equivalent experience in Information Security, Computer Science, or related field, or equivalent work experience required.
• Minimum of 7 years of experience in cybersecurity, with a focus on vulnerability management, penetration testing, or threat hunting/intelligence.

Preferred:

• Master's degree in Cybersecurity, Information Technology, or Business Administration.
• Prior experience working in the healthcare industry or other highly regulated environments.

Certifications

Preferred:

• CISSP (Certified Information Systems Security Professional)
• CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)
• GIAC Penetration Tester (GPEN)
• GIAC Certified Incident Handler (GCIH)
• Certified Healthcare Information Security and Privacy Practitioner (HCISPP)

Requirements Include:

• Strong understanding of healthcare cybersecurity regulations and compliance (e.g., HIPAA, HITECH, NYSDOH 405.46).
• Strong understanding of information security control frameworks (e.g., NIST 800-53, HICP, HITRUST).
• Experience working with risk detection and prioritization solutions in a cloud enterprise.
• Experience working with network and platform vulnerability best practices, and tools such as Wiz and Tenable or similar.
• Strongly prefer exposure to IoMT (Internet of Medical Things).
• Ability to balance security controls with the needs of business, clinical and IT operations.
• Excellent verbal and written communication skills, including the ability to present complex technical information to non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to prioritize and manage multiple initiatives simultaneously.

#SF-DICE-MIT #SC-LI

Montefiore Medical Center is an equal employment opportunity employer. Montefiore Medical Center will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law.