Vacancy expired!
At Bon Secours Mercy Health, we are dedicated to continually improving health care quality, safety and cost effectiveness. Our hospitals, care sites and clinicians are recognized for clinical and operational excellence.Job Description:
The role of the Cybersecurity Red Team Engineer II is responsible for supporting the enterprise vulnerability management and pen-testing program, which includes but is not limited to evaluating the security of the organization's IT infrastructure by continuously assessing and exploiting vulnerabilities to find out where hacking threats may lie by simulating attacks on networks, firewalls, operating systems and web applications to identify vulnerabilities, and report the findings. Essential Job Functions /Core Responsibilities:- Perform network and credentialed vulnerability assessments.
- Evaluate present and proposed computer systems environments and convey information concerning security exposures with level or risk and impact to appropriate management.
- Perform penetration tests.
- Participate in rotating on-call schedule.
- Support security architecture review.
- Support joint "Purple Team" cybersecurity exercises
- Work effectively with others in the Information & Technology organization, operations in support of security policies and standards.
- Evaluate system vulnerabilities for Windows, Linux, Unix operating systems, network topologies, databases, and ensure risk remediation before and after vulnerability scans
- Support Payment Card Industry Compliance Data Security Standard approved scanning vendor penetration tests, and external vulnerability scans
- Support physical security pen-tests
- Support Payment Card Industry Compliance Data Security Standard approved scanning vendor penetration tests, and external vulnerability scans
- Evaluate system vulnerabilities for Windows, Linux, Unix operating systems, network topologies, databases, and ensure risk remediation before and after vulnerability scans
- Associates or Bachelor's degree in Electrical Engineering, Information Security, Information Assurance, Cybersecurity, Computer Science, Information Technology, Information System, Business Management preferred.
- 3+ years professional work experience in information technology preferred
- Certifications such as ISC2 (CISSP, SSCP), CompTIA (Security+, Network+, Server+, CySA+, Linux+), SANS (GSE, GWAPT, GPEN), Microsoft 365 Certified Security Administrator Associate, CEH, CHFI, CND, Cisco CCNA Security VMware Certified (VCP, VCPA, VCDX), Tenable, Qualys Guard, Core Impact (CICP), OSCP, CWSP, preferred.
- Experience with cyber threat hunting for indicators of compromise, malware forensic analysis, Tactics, Threat Procedures (TTP) preferred.
- Experience with sniffer protocol analyzer and analyzing and interpreting TCP packets data flows.
- Experience sub netting IPv4, IPv6.
- Experience creating Visio network, and data flow diagrams.
- Knowledgeable of routing protocols OSPF, BGP, IBGP, VRRP, EIGRP.
- Experience completing penetration tests, network and credentialed vulnerability scans with Tenable and Qualys Guard.
- Knowledgeable network firewall and intrusion prevention appliance order of operations.
- Excellent communication skills to effectively annotate findings in both written and oral form
- Ability to communicate clearly and present security findings with technical staff as well as non-technical colleagues.
- Sensitivity to accuracy, timeliness, and professionalism in all areas of support activity is imperative.
- Strong analytical and problem solving skills.
- Experienced performing malware analysis and incident response.
- ID: #49182393
- State: Ohio Cincinnati 45201 Cincinnati USA
- City: Cincinnati
- Salary: USD TBD TBD
- Job type: Permanent
- Showed: 2023-02-13
- Deadline: 2023-04-13
- Category: Et cetera