Senior Information Security Engineer @ Access Health CT | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
Senior Information Security Engineer jobs in Hartford, CT
Be an early applicantLess than 25 applicants
expire-info-iconThis job has closed.
job-post-linkOriginal Job Post
company-logo

Access Health CT ยท 2 days ago

Senior Information Security Engineer

positionHartford, CT
timeFull-time
remoteHybrid
senioritySenior Level

Wonder how qualified you are to the job?

ftfMaximize your interview chances
ConsultingE-Commerce
check
Comp. & Benefits

Insider Connection @Access Health CT

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Lead and coordinate technical vulnerability assessments and security reviews of infrastructure, network, applications, and databases, utilizing Nessus scanning software and other state- of- the- art security tools.
Facilitate, track, and manage vulnerability remediation based on risk categorization, with timely assessing and communicating risk, documenting, and reporting on mitigation status.
Ensure compliance with results from vulnerability scans and/or penetration test outcomes.
Configure and maintain the Security Information & Event Management (SIEM) platform, ensuring SIEM is fully utilized to monitor security events proactively inclusive of system logs and other monitoring data, and is in accordance with regulatory compliance requirements.
Actively monitor, analyze, and generate reports on company's security landscape utilizing SIEM and other state- of the- art security tools.
Design, configure, implement, maintain, and operate information system security controls and countermeasures by collaborating with internal as well as State of CT resources.
Serve as a primary technical administrator and system integrator for the Archer Governance, Risk, and Compliance (GRC) platform incorporating new enhancements, functionality, and features, as driven by business requirements.
Provide guidance and technical expertise to the enterprise to ensure optimal use of the Archer GRC platform.
Participate actively in frequent regulatory submissions and inquiries.
Assist with management and monitoring of remediation plans for compliance and mitigation of risk.
Liaise with IT, Legal, product owners, and business teams to provide accurate and timely response to internal and external IT Security and Compliance inquiries and related activities.
Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches.
Prepare incident response reports that take note of security incidents and action taken to mitigate risk.
Assess and audit authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
Provide security application knowledge and design concepts to Information Technology and Development teams.
Provide security expertise to support vendor and project security reviews and initiatives.
Collaborate with different stakeholders cross-functionally to implement business continuity, disaster recovery and incident response plans inclusive of tabletop exercises.
Bridge complex information security requirements with business processes and IT systems and projects and be able to translate the concepts to easily understandable terms.
Analyze trends and changes in threat and compliance environment with respect to organizational risk and communicate accordingly.
Develop and execute plans for compliance and mitigation of risk; perform risk and compliance self-assessments, and actively engage in and coordinate third-party risk and compliance assessments.
Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and monitor for compliance.
Analyze and develop information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
Develop, administer, and provide advice, evaluation, and oversight for information security training and awareness programs.
Completes other tasks, as assigned.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information securityRisk managementVulnerability assessmentsSecurity reviewsNessusSecurity toolsSiem platformsConfiguringInformation system security controlsArcher governanceComplianceIncident responseAuditingAuthenticationAccess controlsProblem-solvingCommunicationInterpersonalCollaborationCISSPCISMCISABusiness continuityDisaster recoveryIncident response planningRisk mitigationSecurity controlsInformation security governanceSecurity trainingAwareness programs

Required

Bachelor's degree in Computer Science, Information Technology, or related field
5+ years of experience in information security, risk management, or related field
Experience with technical vulnerability assessments and security reviews
Experience with Nessus scanning software and other security tools
Knowledge of Security Information & Event Management (SIEM) platforms
Experience in configuring and maintaining SIEM platforms
Experience in designing, configuring, implementing, and maintaining information system security controls
Experience with Archer Governance, Risk, and Compliance (GRC) platform
Experience in responding to information system security incidents
Experience in assessing and auditing authentication and access controls
Ability to collaborate with various stakeholders cross-functionally
Strong analytical and problem-solving skills
Excellent communication and interpersonal skills
Ability to work in a hybrid work environment

Preferred

Master's degree in Information Security, Cybersecurity, or related field
Relevant certifications such as CISSP, CISM, or CISA
Experience in business continuity, disaster recovery, and incident response planning
Experience in developing and executing compliance and risk mitigation plans
Experience in analyzing and recommending security controls and procedures in business processes
Experience in developing information security governance policies and procedures
Experience in administering information security training and awareness programs
Experience with state of CT resources
Experience with regulatory submissions and inquiries
Experience in translating complex information security requirements into easily understandable terms
Experience in coordinating third-party risk and compliance assessments

Company

Access Health CT

twittertwittertwitter
company-logo
Access Health CT is an online marketplace for health, life and ancillary Insurance products.
dateFounded in 2012
location
Hartford, Connecticut, USA
people-size51-200 employees
web-link
https://www.accesshealthct.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
James Michel
Chief Executive Officer
linkedin

Recent News

Hartford Business Journal
Access Health CT broadens access to small business group plans
2022-11-29
Company data provided by crunchbase
logo

Orion

Your AI Copilot