Shire Jobs

Position Summary:

As a member of the Cybersecurity Operations Engineering team, you are responsible for defending the enterprise from threats and adversaries, both internal and external. The Cybersecurity Engineering team leads security technology research, architecture, engineering, deployment, and operation of system and network security tooling throughout The Guthrie Clinic.

Education, License & Cert:

Associates Degree Non Clinical

Experience:

• Experience designing and engineering cybersecurity technology solutions • Degree: Associates degree in Cybersecurity, Information Technology, Networking, Computer Science or related field. Bachelor’s degree preferred • 2 to 3 years of experience as an information security analyst and; • 3+ years of demonstrated infrastructure and or cybersecurity engineering experience. • Strong analytical, organizational, and planning skills • Strong scripting skills including, but not limited to, PowerShell, Python and API implementations • Demonstrated commitment to continuous learning via training, self‐study and formal education to maintain technical proficiency within the cybersecurity domain • Obtain one professional certification within 12 months of hire/in role

Essential Functions:

Cybersecurity Engineering: • Understand the scope of the health services Guthrie provides its patients and the threat landscape that may disrupt these services • Support the development, implementation and sustainment of a comprehensive Cybersecurity Operations and Engineering Program to protect the security, privacy, and availability of all Guthrie computer and electronic data assets • Develop the security architecture for a geographically distributed healthcare organization utilizing a mixture of on‐prem and cloud‐based solutions • Design, implement and optimize cybersecurity solutions including End Point Threat Detection and Response (EDR), Security Event and Incident Monitoring (SEIM), threat hunting tools, firewall, Intrusion Protect System (IPS), web content filtering, Data Loss Protection/ SSL decryption, Azure AD and Active Directory to reduce security threats. • Monitor and investigate advancements in information security technologies, recommend technologies and processes to effectively manage security threats • Be a cybersecurity thought leader. Present and contribute at industry conferences, webinars, workgroups, list servers, etc. annually • Maintain effective relationships with key technology vendors, industry professionals, security forums and professional associations Prevent, detect and remediate security threats: • Collaborate with Security Operations and assist with Tier 3 incident triage and incident response • Participate in Purple Team exercises • Analyze cybersecurity tooling telemetry and data to improve control efficacy • Participate in the testing of a security incident response plan and playbooks, including coordination with managed SOC vendor, cyber insurer, and key Guthrie stakeholders, and escalations to management • Use security tooling to identify and quantify vulnerabilities, threats and anomalous activity within the Guthrie environment • Participate in Root Cause Analyses for incidents, including short and long‐term mitigation actions to prevent recurrences • Engage external forensic services for use as required for security incident investigations • Support leadership during security‐related crisis communications Support System compliance and Information Security certification: • Stay informed of cyber/information security laws, regulations, and standards that may affect the information security and risk management program • Aid in documenting cyber control gap findings, impacts and recommendations to management • Aid in developing and maintaining playbooks documenting security controls and responses to specific threats • Help to establish actionable reporting metrics to support the cyber program and influence behaviors • Design and engineer cybersecurity controls for HIPAA Security and Privacy Rule compliance • Support the effort to acquire and sustain HITRUST CSF certification • Support responding to Information Security audits and risk assessments requested by regulatory agencies, payers, and other relevant entities

Other Duties:

Other duties as assigned

Joining the Guthrie team allows you to become a part of a tradition of excellence in health care. In all areas and at all levels of Guthrie, you’ll find staff members who have committed themselves to serving the community.

The Guthrie Clinic is an Equal Opportunity Employer that welcomes and encourages diversity in the workplace.

The Guthrie Clinic is a non-profit, integrated, practicing physician-led organization in the Twin Tiers of New York and Pennsylvania. Our multi-specialty group practice of more than 500 physicians and 302 advanced practice providers offers 47 specialties through a regional office network providing primary and specialty care in 22 communities. Guthrie Medical Education Programs include General Surgery, Internal Medicine, Emergency Medicine, Family Medicine, Anesthesiology and Orthopedic Surgery Residency, as well as Cardiovascular, Gastroenterology and Pulmonary Critical Care Fellowship programs. Guthrie is also a clinical campus for the Geisinger Commonwealth School of Medicine.