Cyber Security Engineer
City of Hope
NV
Job posting number: #7141230 (Ref:10021244)
Posted: April 21, 2023
Salary / Pay Rate: $48.30 - $77.28 / hour
Application Deadline: Open Until Filled
Job Description
About City of Hope
City of Hope's mission is to deliver the cures of tomorrow to the people who need them today. Founded in 1913, City of Hope has grown into one of the largest cancer research and treatment organizations in the U.S. and one of the leading research centers for diabetes and other life-threatening illnesses. City of Hope research has been the basis for numerous breakthrough cancer medicines, as well as human synthetic insulin and monoclonal antibodies. With an independent, National Cancer Institute-designated comprehensive cancer center at its core, City of Hope brings a uniquely integrated model to patients spanning cancer care, research and development, academics and training, and innovation initiatives. City of Hope’s growing national system includes its Los Angeles campus, a network of clinical care locations across Southern California, a new cancer center in Orange County, California, and treatment facilities in Atlanta, Chicago and Phoenix. City of Hope’s affiliated group of organizations includes Translational Genomics Research Institute and AccessHopeTM. For more information about City of Hope, follow us on Facebook, Twitter, YouTube, Instagram and LinkedIn.
City of Hope’s commitment to Diversity, Equity and Inclusion
We believe diversity, equity and inclusion is key in serving our mission to provide compassionate patient care, drive innovative discovery, and advance vital education focused on eliminating cancer and diabetes in all of our communities. Our commitment to Diversity, Equity and Inclusion ensures we bring the full range of skills, perspectives, cultural backgrounds and experiences to our work -- and that our teams align with the people we serve in order to build trust and understanding. We are dedicated to fostering a community that embraces diversity - in ideas, backgrounds and perspectives; this is reflected in our work and represented in our people.
Position Summary
The Cyber Security Engineer performs technical and operational tasks to design, develop, implement and maintain Cyber security solutions using technologies and processes to uphold the confidentiality, integrity and availability of City of Hope’s information assets. The incumbent in this role conducts protocol and traffic analysis, has the ability to execute effective countermeasures to current threats to systems and networks, has comprehensive knowledge of the inter-relationship between operating systems, Active Directory, IDS-IPS, vulnerability detection tools, SQL, TCP/IP, encryption, VPNs, and DMZs. This role requires strong knowledge of Cyber security exploits and incident handling, with a GIAC certification as a Certified Incident Handler. The incumbent will lead engineering projects to implement the Cyber security infrastructure, as well as assist other projects enhancing the Cyber Security Program, including recommendations on technology strategies that monitor and alert on anomalies.
Key Responsibilities include:
- Proactively prepare countermeasures to defend information systems against known attack techniques: backdoors and Trojan horses, buffer overflows, covering tracks in Unix-Linux, on the network, using steganography, denial-of-service, Netcat, format string attacks, IP address spoofing, kernel-mode rootkits, user-mode rootkits, network sniffing, password attacks, passive fingerprinting, war-dialing, web application attacks, worms, bots and bot-nets, and session hijacking.
- Manage the implementation and ongoing capabilities of a SIEM (Security Incident and Event Management).
- Lead the analysis of the intrusion prevention system (IPS) events and escalate as needed.
- Provide forensic analysis of security violations.
- Conduct periodic self-assessment and gap analysis related to Cyber security controls and manage the remediation to correct the gaps.
- Verify network, wireless and firewall security systems by conducting reviews and policy assessments.
- Support and maintain Cyber security related technologies and architectures, such as, but not limited to, IDS (intrusion detection systems), VPNs (virtual private networks), data loss prevention tools, VLANs, firewall architectures, proxy servers, internet access policy servers, authentication systems, and content screening servers.
- Ensure compliance to regulations, business requirements and City of Hope policies, standards, and procedures.
- Design, document, and support network security design changes including wireless network.
- Document and execute integration processes and standards.
- Document and report performance measurements for Cyber security related products in service.
- Conduct system security and vulnerability analyses and risk assessments.
- Trains new or less experienced employees, providing instruction on how to perform job tasks and explains why the tasks are performed and why the tasks have to be performed in that manner.
- Represents the ISO in internal COH meetings.
- Perform special projects as assigned by the ISO.
- Internal Contacts: Across all VP/Director/Managers, ITS departments, COH financial and administrative business, BRI/research areas, Division of Information Sciences, Population Sciences, etc., all COH clinical areas, the COH Graduate School and external vendors related to Cyber Security.
- External Contacts: Software/hardware vendors related to Cyber Security.
- Budget/Financial Administration: Financial tracking and status reporting on assigned project efforts.
- Performs other related duties as assigned or requested.
Basic education, experience and skills required for consideration:
- Bachelor’s Degree
- Experience may substitute for the minimum education requirement
- 5+ years in a technology related field, with a minimum of 4 years of Cyber security specific experience. Hospital/healthcare industry experience is desirable, but not required.
Required Certification/Licensure:
- CISSP - Certified Information System Security Professional (within 12 months of hire)
Preferred education experience and skills:
- Master’s degree preferred
- GCIH- Certified Incident Handler within 12 months of hire.
- Any GIAC certification:
GISP – Information Security Professional,
GSEC – Security Essentials Certification,
SSCP- Systems Security Certified Practitioner,
GISF- Information Security Forensics,
- CBCP (Certified in Business Continuity Planning)
- CISCO certifications
7 years of experience within Information Security
2 years of LAN/WAN setup, support, and troubleshooting
1-2 years hardware and software troubleshooting experience
1-2 years CISCO hardware environment experience
Electrical Engineering, Computer Engineering, or Computer Science
Additional Information:
- As a condition of employment, City of Hope requires staff to comply with all state and federal vaccination mandates.
Salary / Pay Rate Information:
Pay Rate: $48.30 - $77.28 / hour
The estimated pay scale represents the typical [salary/hourly] range City of Hope reasonably expects to pay for this position, with offers determined based on several factors which may include, but not be limited to, the candidate’s experience, expertise, skills, education, job scope, training, internal equity, geography/market, etc. This pay scale is subject to change from time to time.
City of Hope is a community of people characterized by our diversity of thought, background and approach, but tied together by our commitment to care for and cure those with cancer and other life-threatening diseases. The innovation that our diversity produces in the areas of research, treatment, philanthropy and education has made us national leaders in this fight. Our unique and diverse workforce provides us the ability to understand our patients' needs, deliver compassionate care and continue the quest for a cure for life-threatening diseases. At City of Hope, diversity and inclusion is a core value at the heart of our mission. We strive to create an inclusive workplace environment that engages all of our employees and provides them with opportunities to develop and grow, both personally and professionally. Each day brings an opportunity to strengthen our work, leverage our different perspectives and improve our patients’ experiences by learning from others. Diversity and inclusion is about much more than policies and campaigns. It is an integral part of who we are as an institution, how we operate and how we see our future.