
Security Engineer 2

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 120,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 52 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US. 

Providence India was established to bring to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and will play a vital role in driving digital transformation for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.



Why Us?

  • Best-in-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relationship

Enterprise Information Security at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients).

What will you be responsible for?

  • Lead the creation and maintenance of SOC playbooks, SOPs and training materials; manage shifts, onboarding, and training for SOC engineers.
  • Oversee SIEM monitoring and ensure that the SOC team responds to all alerts.
  • Manage the 24x7 Security Operations Centre (SOC): ensure adequate staffing, seamless delivery of the monitoring service, and timely response to incidents.
  • Write formal documentation such as reports, slide decks, and architecture diagrams.
  • Participate in the creation of detailed incident reports and contribute to lessons learned in collaboration with the appropriate teams.
  • Analyze network perimeter data, flows, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.
  • Use the ticketing system and standard operating procedures for effective call processing and escalation, adhering to Service Level Agreements (SLAs).
  • Support and participate in SOC engineering efforts such as tool integration, development of automation and scripts, testing of new tools, and evaluation of new technologies.
  • Apply threat-centric frameworks such as the Cyber Kill Chain and the NIST Cybersecurity Framework.
  • Ensure that incident response processes are kept up to date and well rehearsed through cyber drills and during real cyber-attacks.
  • Maintain proficiency with current intrusion detection platforms and working knowledge of Linux and/or Windows systems administration (including AD).


What would your work week look like?

  • Collaborate with other security teams to contain and investigate major incidents.
  • Perform all tasks required per shift, including reporting, monitoring, and turnover logs.
  • Evaluate the type and severity of security events using packet analysis and an in-depth understanding of exploits and vulnerabilities.
  • Perform security log analysis during information security events, identifying and reporting possible security breaches, incidents, and violations of security policies.
  • Track emerging cyber threats; perform proactive threat modelling and threat validation.
  • Escalate critical incidents that require management attention in a timely manner and provide timely updates.
  • Perform root cause analysis: get to the root cause and solve the underlying problem.


Who are we looking for?

  • Bachelor's degree in a related field, including computer science, or an equivalent combination of education and experience.
  • 5 years of relevant post-qualification experience in a Security Operations Center (SOC) environment.
  • Hands-on experience with or exposure to monitoring tools such as Sentinel (must).
  • Experience with a SOAR (Security Orchestration, Automation and Response) platform is a must.
  • Scripting or programming (shell scripting, PowerShell, Python, KQL, etc.).
  • Experience with security monitoring in a cloud environment (Azure) and with Microsoft Defender.
  • Preferred certifications: SSCP, EC-Council CSA, CompTIA CySA+, SANS GCIH/GMON/GSOC.

At Providence, we not only acknowledge differences but also honor them. We value differences in, but not limited to, background, education, gender, age, generation, religious background, ability, and technical skills in all our employment-related opportunities.

Health is a human right