Responsible for planning, implementing, upgrading and monitoring security measures for the protection of computer networks and information. Ensures appropriate security controls are in place that will safeguard information and electronic infrastructure.
This position is extremely dynamic in the skills it requires and calls for a security professional who can grasp the complexities and challenges of working in a fast-paced, agile environment. This position requires strong interpersonal and communication skills and an ability to work as part of a team or independently under minimal direction. Interfacing with teams outside of the IS Department to gather requirements, collaborate, evangelize and incorporate security policy will be a key component of this role.
ESSENTIAL FUNCTIONS and RESPONSIBILITIES:
- Lead and participate in all phases of the incident response lifecycle (detection, containment, eradication, recovery, and lessons learned).
- Analyze security logs, alerts, and threat intelligence feeds from various sources (SIEM, EDR, IDS, firewalls, etc.) to identify and investigate potential security incidents.
- Conduct in-depth root cause analysis of security events to determine the cause and impact.
- Implement and maintain security controls to prevent and mitigate cyberattacks.
- Develop and maintain incident response plans and playbooks, including tabletop exercises and security drills.
- Collaborate with the SOC and MSSP to effectively monitor, investigate, and respond to security events.
- Threat Detection and Defense:
- Proactively monitor the security posture of the organization.
- Analyze security trends and threat intelligence to identify emerging threats and vulnerabilities.
- Conduct vulnerability assessments, penetration testing, and threat hunting activities.
- Implement and maintain security controls to protect against threats such as ransomware, malware, phishing, social engineering, and DDoS attacks.
- Analyze phishing emails and other social engineering attempts and conduct security awareness training campaigns.
- Configure and maintain security tools such as EDR, IDS, firewalls, SIEM, and other security technologies.
- Risk Assessment and Compliance:
- Conduct and participate in risk assessments (e.g., threat modeling, vulnerability assessments, business impact analysis) to identify and prioritize security risks.
- Assist with compliance audits and certifications (e.g., HIPAA, HITRUST, SOC 2) by ensuring adherence to relevant regulations and standards.
- Advise on the implementation of appropriate security controls to meet regulatory and compliance requirements.
- Contribute to the development and maintenance of the organization's GRC framework.
- Third-Party Risk Management (TPRM):
- Conduct due diligence and risk assessments of third-party vendors and suppliers.
- Monitor third-party security performance and ensure compliance with contractual obligations.
- Assist with the negotiation of security clauses in vendor contracts.
- Project Support:
- Provide security expertise and guidance to project teams throughout the software development lifecycle (SDLC).
- Conduct security reviews of design documents, code, and systems.
- Ensure that security controls are integrated into new and existing systems.
- Security Awareness:
- Assist in the development and delivery of security awareness training programs.
- Stay informed about new technologies and features within existing security awareness tools to enhance their effectiveness.
- Collaboration and Communication:
- Collaborate effectively with other security teams, IT teams, business units, legal, and compliance departments.
- Clearly and concisely communicate security risks and incidents to stakeholders at all levels.
- Continuous Learning:
- Stay informed about the latest cybersecurity threats, vulnerabilities, and best practices through industry research, conferences, and professional development.
- Maintain relevant security certifications (e.g., CISSP, CISA, CISM, Security+).
SKILLS AND ABILITIES:
- Foundational Security Knowledge:
- Strong understanding of foundational security principles, concepts, and best practices (e.g., CIA triad, risk management frameworks).
- In-depth knowledge of relevant security standards and frameworks (e.g., NIST Cybersecurity Framework, NIST 800 series, ISO 27001, HIPAA, HITRUST).
- Familiarity with common attack vectors (e.g., phishing, malware, ransomware, social engineering, DDoS, zero-day exploits).
- Technical Skills:
- Proficiency in analyzing security logs and alerts from various sources (SIEM, EDR, IDS/IPS, firewalls, cloud security platforms).
- Experience with vulnerability scanning and penetration testing methodologies and tools.
- Working knowledge of common operating systems (Windows, Linux, macOS), networking protocols, and cloud platforms (AWS, Azure, GCP).
- Familiarity with security information and event management (SIEM) systems and threat intelligence platforms.
- Understanding of security controls such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), data loss prevention (DLP), and encryption.
- Knowledge of identity and access management (IAM) concepts, including authentication, authorization, and access control (e.g., Active Directory, LDAP, RBAC, ABAC).
- Analytical and Problem-Solving Skills:
- Strong analytical and problem-solving skills with the ability to analyze complex security issues, identify root causes, and develop effective solutions.
- Excellent critical thinking skills with the ability to assess risks, make informed decisions, and prioritize tasks effectively.
- Communication and Collaboration:
- Excellent written and verbal communication skills with the ability to effectively communicate technical information to both technical and non-technical audiences.
- Proven ability to collaborate effectively with cross-functional teams (e.g., IT operations, development, legal, compliance).
- Continuous Learning:
- Strong desire for continuous learning and professional development, including staying current with emerging threats, vulnerabilities, and security technologies.
- Preferred Qualifications:
- Relevant security certifications (e.g., CISSP, CISA, CISM, Security+, CEH).
- Experience with scripting languages (e.g., Python, PowerShell).
- Experience with cloud security and cloud-native technologies.
Working Conditions:
- This position requires participation in an on-call rotation for incident response as necessary.
- Position may require occasional evening or weekend work during critical incidents or security assessments.
- Experience with threat hunting and incident response methodologies.
EDUCATION AND EXPERIENCE:
- 5+ years of proven experience in administering security controls in an organization
- BA/BS in related field or equivalent in education and experience such as CISSP certification
- Experience performing security risk analysis and compliance assessments
- Experience or familiarity with next-generation security platforms and endpoint protection life cycle management tools (i.e., Sophos, Mimecast, Varonis, Palo Alto, MS365) is a plus.
- Experience analyzing/investigating information security incidents from reporting platforms such as IPS/IDS, NAC, DLP, SIEM, and vulnerability monitoring systems.
- Experience with common security industry and audit standards, such as NIST 800 series, PCI-DSS
- Experience in leading incident response for security and privacy incidents.
- Experience developing Information Security policies, standards, guidelines and procedures
Pay Range:
$105,112.00 - $157,668.00
The above information is intended to indicate the general nature and level of work required in this position. It is not designed to contain or be interpreted as a comprehensive description of all duties, responsibilities, and qualifications required of those assigned to this job.
We offer a competitive Total Rewards Program. Eligibility for benefits is dependent on factors such as position type and FTE. Benefit-eligible employees qualify for benefits beginning on the first of the month following one month of employment. Vancouver Clinic offers medical, dental, vision, life insurance, AD&D, long term disability, health savings account, flexible spending account, employee assistance program, and multiple supplemental benefits (voluntary life, critical illness, accident, hospital indemnity, identity theft protection, legal services, etc.). We also offer a 401k retirement plan, with employer contributions after your first year of employment. Benefits-eligible employees accrue PTO and Personal Time based on hours worked and State worked, totaling 120 hours in the first year for full time staff and 200 hours in the first year for full time supervisors and above, increasing in subsequent years. PTO and Personal Time accruals are pro-rated by FTE/hours worked. Non-benefits eligible employees will accrue Personal Time based on hours worked and State worked. Employees will also enjoy up to six paid holidays per year, depending on schedule. Contact your recruiter for more information.
Vancouver Clinic is proud to be an Equal Opportunity Employer. Vancouver Clinic does not discriminate on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, gender identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law.
Vancouver Clinic is an alcohol and drug-free workplace. Offers are contingent on successful completion of background screen and immunization requirements.