Provide Keck Medicine of USC operational, administrative and project support for the Information Security department whose purpose is to ensure the integrity of Information Systems Assets and to protect systems from unauthorized access or destruction. This role includes, but is not limited to: network security, systems security, IS policy, security solutions, incident response, monitoring, reporting, and general Information Technology concepts. Provide escalation support to senior engineers for most complex issues. The Security Engineer II will perform technical analysis, installation, maintenance & modification of systems and software. Monitor, analyze and report on performance of systems. Participate in security solution implementations, incident response & remediation for identified incidents, participate in the development of policies, standards, procedures for the general operation of the InfoSec Team. Responsibilites for this position include Implementing and monitoring security measures for the protection of computer systems, networks and organizational data; designing cyber security processes including but not limited to Incident Response, Eradication, etc. Carry out security measures to protect an organization’s computer networks and systems: Detect, Respond, Mitigate, Report, Recover, Remediate, Lesson Learned. Identify and define system security requirements. Responsibilities will continually expand as the number and type of cyber attacks increase and change.
- Provide after-hours and weekend support where necessary for a 24×7 incident response model.
- Follow established IS procedures to ensure the safety of the IT systems and assets.
- Investigate and remediate incidents with standard Incident Response protocols. Inclusive of escalations and communications.
- Forecast and recommend short- and long-term solutions and strategies; lead implementation of those strategies.
- Implement and monitor security measures for the protection of computer systems, networks and information. Prepare and document standard operating procedures and protocols.
- Take appropriate actions to ensure minimal disruption to business customers.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Recommend security enhancements to management or senior IT staff.
- Collaborate with other IS teams on incidents, remediation, security systems & solutions, communications, etc.
- Prepare reports that document security breaches and the extent of the damage caused by the breaches.
- Identify and define system security requirements.
- Configure and troubleshoot security infrastructure devices.
- Performs other duties as assigned.
- Associate’s degree Computer Science or a related field or the equivalent combination of experience and education that would demonstrate the capability to successfully perform the essential functions of this position
- 5 years Experience in general Information Security.
- Proven work experience as a system security engineer or information security engineer
- Experience in working with and maintaining security systems
- Detailed technical knowledge of operating system security
- Hands on experience in security systems including: intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Experience with network security and networking technologies
- Experience with security systems and tools
- Understanding of the latest security principles, techniques, and protocols
- Performs/follows all procedures to ensure the safety of Information Systems assets and to protect systems from intentional or inadvertent access or destruction.
- Ability to develop and implement IT security standards and procedures.
- Knowledge and understanding of IT industry trends and emerging technologies and an ability to relate them to the organization and its objectives.
- Knowledge of information security industry and regulatory obligations (PCI DSS, SOX, HIPAA, NIST Framework 800 series, etc.)
- Problem solving skills and ability to work under pressure
- Good communication (oral and written) and interpersonal skills
- Able to solve a range of problems in stressful situations
- Able to analyze possible solutions and assess each using standard procedures
- Able to effectively explain information and influence others in straightforward situations
- Able to make appropriate decisions within guidelines and policies
- Able to effectively prioritize own work to meet changing deadlines
- Provide after-hours and weekend on-call support for service-related issues
- Healthcare experience.
- PCI, HIPAA, NIST experience.
- Security control concepts: physical, logical, administrative.
- One (or more) of the following security certifications: ISC2 certificates, GIAC certificates, CISM/A, CEH, etc.
- Fire Life Safety Training (LA City) If no card upon hire, one must be obtained within 30 days of hire and maintained by renewal before expiration date. (Required within LA City only)
The hourly rate range for this position is $46.00 – $76.07. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate’s work experience, education/training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.
Apply on this job post