Senior Cybersecurity Engineer - Full-Time

Position: Senior Cybersecurity Engineer
Kern Medical has been a community cornerstone since its founding in 1867. Today, we are an acute care teaching center with 222 beds, offering the only advanced trauma care between Fresno and Los Angeles. Kern Medical cares for 15,500 inpatients and 125,000 clinic patients a year.
Career Opportunities within Kern Medical include many benefits such as:

• New Hire Premium: +6% of base rate of pay, matched up to 6% if contributed to Deferred Compensation Plan.
• A Comprehensive Benefits Package: includes Holidays, Paid Time Off, Retirement, Medical, Dental, Vision and Life Insurance

Compensation
The estimated hourly pay for this position is $47.4325 to $58.3360. The rates shown include a 6% premium pay (base= $-$ plus 6%). This reflects only a portion of the total compensation package for this position. Additional compensation may be available for this role through differentials, incentives, and bonuses. In addition, this position may be eligible for participation and company contributions into the Kern County Employees' Retirement Plan.
Definition:
Under general supervision, the Senior Cybersecurity Engineer will oversee and assist in the continuous monitoring of enterprise environment assets, analyzing threats, mitigating vulnerabilities, detecting compromises, and conducting incident response. The position is also responsible for the design, configuration, implementation, and ongoing support of our enterprise security tools.
Distinguishing Characteristics:
This position plays a vital role in safeguarding the organization's digital assets and maintaining a secure IT environment. They must stay current with emerging threats and continuously adapt their strategy to protect against cyber risks. The Sr Cybersecurity Engineer must possess extensive professional work experience and knowledge in implementing enterprise security best practices including encryption, implicit and explicit permissions, multi-factor authentication, auditing and digital forensics, and data retention; understanding network and encryption protocols; understanding and applying network security concepts and troubleshooting enterprise firewalls.
Essential Functions:

• Develops and executes a comprehensive cyber security strategy in alignment with the organization's business goals and industry best practices. Regularly assesses and updates the strategy to address evolving threats.

• Ensures the service ability and integrity of Security Operations Center (SOC) equipment and tools
• Serves as the subject matter expert on security systems, including but not limited to SIEM (Security Information and Event Management), SOAR (security orchestration, automation, and response), EDR (Endpoint, detection and response), IAM (Identity and Access Management), PAM (Privileged Access Management), Intrusion Prevention System/Intrusion Detection System, Web Proxy Firewall, DLP (Data Loss Prevention), Email Security, and WAP (Wireless Application Protocol), and provides technical leadership on their day-to-day operation, as well as enhancements to the toolset.
• Participates and leads the efforts of cybersecurity analysts on the day-to-day operation of the Security Operations Center (SOC).
• Performs threat hunting activities including analysis of threat intelligence, detection and evaluation of Indicators of Compromise (IOC), and escalation of incidents
• Evaluates vendor solutions, makes recommendations, and leads projects for deployment and/or enhancement of security systems
• Participates in the incident response team and execute the Incident Response Plan and cyber incident playbooks
• Reviews cybersecurity requests against normal operational security processes and provide approval or escalation
• Supports Security Operations Center (SOC) efforts in digital forensics and eDiscovery
• Liaises with other departments on operational security matters, requests, and problems
• Maintains documentation on tools, processes, procedures, and playbooks
• Other job duties as assigned

Employment Standards:

• Bachelor's degree in information Computer Sciences, Information Computer Technology, Information Systems, or in a closely related field or equivalent experience

AND

• Five (5) plus years of professionalwork experience in IT and 3 years within cybersecurity

Additional Preferred Standards

• Knowledge of IAM (Identity Access Management) and PAM (Privileged Access Management)
• CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+), Systems Security Certified Practitioner (SSCP) or equivalent certifications
• Knowledge of Health Insurance Portability and Accountability Act (HHIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), Sarbanes-Oxley Act (SOX), and other compliance requirements related to information security.
• Previous experience in an acute Healthcare organization.

Knowledge of:

• Understanding the NIST 800-53 framework and application of its controls in operational security
• Installing, configuring, and supporting all varieties of Microsoft Windows Services and platforms in an enterprise environment
• Proficiency in scripting languages and PowerShell
• Implementing enterprise security best practices including encryption, implicit and explicit permissions, multi-factor authentication, auditing and digital forensics, and data retention
• Understanding network protocols, routing and switching, LAN/WAN, remote access, and encryption protocols
• Understanding and applying network security concepts and troubleshooting enterprise firewalls, Intrusion Detection System (IDS)/Intrusion Protection System (IPS), Domain Name System (DNS) Security, and Web Application Firewall (WAF)
• Microsoft Office365, Azure Cloud, Microsoft Cloud App Security, and related security concepts
• Supporting email routing and messaging systems, email security gateways, and email encryption
• Intimate knowledge of security tools such as SIEM, SOAR, EDR, DLP, and Web Filter/Proxy
• Principles and practices of supervision, team building and leadership
• Working with other public and private agencies in efforts to provide information technology-specific customer service to the community, public and key stakeholders
• Generating a consensus and collaborative relationships to bring about efficient and effective outcomes

Ability to:

• Communicate professionally, both written and orally, including technical documentation
• Identify and resolve challenging technical issues and problems or research possible solutions
• Use exceptional analytical skills and work under pressure
• Respond quickly, courteously, and proficiently to customer service requests
• Solicit feedback and adjusting customer requests to fit into business improvements
• Develop, maintain and update well written procedural documents

Supplemental:
Dependent upon assignment, applicants may be required to pass an extensive background investigation, and be fingerprinted. Disqualification for felony, misdemeanor, and traffic offenses will be assessed on a case-by-case basis.
All Kern Medical employees are designated "Disaster Service Workers" through state and local laws (CA Government Code Sec. 3100-3109 and Ordinance Code Title 2 - Administration, Ch. 2.66 Emergency Services.) As Disaster Service Workers, all county employees are expected to remain at work, or to report for work as soon as practicable following a significant emergency or disaster.
If position responsibilities require driving a personal vehicle, then possession of a current valid California Driver's License and adherence to the Kern County Hospital Authority Vehicle Use and Driving Standard Policy (ENG-EC-119) is required.
If position responsibilities require driving a vehicle owned, leased or rented by Kern Medical, then possession of a current valid California Driver's license, a signed authorization for Release of Drivers Record Information and adherence to the Kern County Hospital Authority Vehicle Use and Driving Standard Policy (ENG-EC-119) is required.