Security & Audit Engineer

Website Genova Diagnostics

Advanced Clinical Laboratory Solutions

Working Hours: 8:00am – 5:00pm (Monday – Friday)

Training Hours: 8:00am – 5:00pm (Monday – Friday)

Company Mission: To be the best provider of comprehensive and innovative clinical laboratory services for the prevention, diagnosis and treatment of complex chronic disease.

Position Summary

The Security and Audit Engineer is responsible for evaluating, auditing, updating and monitoring security solutions, access rights, system configurations and data communications with the goal of optimizing Genova’s security posture.  He or she will conduct and facilitate internal audits of IT, laboratory and account receivable systems and coordinate external IT audits from financial, laboratory, government, or other organizations. He or she is responsible for identifying threats and vulnerabilities that may adversely affect operations and coordinating with other IT staff to mitigate risks. Actively administers and monitors intrusion detection/prevention, anti-virus/malware and patch management solutions.  Leads and documents security incident investigation and response as well as business continuity and disaster recovery processes. Creates and updates security policies and procedures and verifies compliance with defined security standards. Educates staff in security awareness and best practices and provides technical security advice and recommendations, as needed. This position requires participation in an engineering on-call rotation program.

Essential Duties and Responsibilities

Responsibilities include but are not limited to the following:

Technical

  • Defend the confidentiality, integrity and availability of all Genova data and systems.
  • Configure, support and evaluate security tools and IT management capabilities.
  • Conduct and facilitate internal and external IT audits and provide recommendations to mitigate risks.
  • Coordinate and monitor the hardening and patch management process across all technology platforms.
  • Monitor security logs including server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity.
  • Identify, investigate and document security incidents.
  • Propose security standards and policies and ensure compliance.
  • Configure and support anti-virus/anti-malware solutions.
  • Review end user accounts, permissions, and access rights.
  • Evaluate and update disaster recovery and business continuity work practices.
  • Manage projects related to security initiatives.
  • Produce custom reports upon request.
  • Respond to requests for support when escalated, with the approval and support of an immediate supervisor.
  • Participate in departmental activities and contributes to collaborative design and implementation decision-making efforts.

Other

  • Meet assigned deadlines and milestones.
  • Work well in a team oriented environment.
  • Work closely with other IT staff and immediate supervisors.  Collaborate with company leaders and subject-matter experts in other departments to resolve questions and problems.

Supervisory Responsibilities                                               

This position has no direct supervisory responsibilities but works closely with all departments.

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Candidates must have the following skills and attributes: good overall communication and organization skills; adept at logic; can relate complex concepts and ideas in simple terms, to non-technical personnel. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. 

Education and/or Experience   

This position requires a BS/CS degree or a BS degree in an equivalent field (e.g. mathematics or engineering) or an appropriate combination of relevant education and experience. 

Computer Skills

To perform this job successfully candidates must have extensive understanding of network protocols. Experience with CISCO networks preferred. Experience with Point-to-Point connections and Site-to-Site VPN administration is desired, as is good knowledge and experience with VoIP phone systems. Knowledge of computer operating systems used at Genova (Windows, UNIX?LINUX and MacOS) and hardware, software and web technologies. Strong understanding of information security concepts and techniques required. 

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job while wearing the appropriate Personal Protective Equipment. On occasion the individual may be called upon to handle biological specimens. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel; reach with hands and arms and talk or hear. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision and ability to adjust focus.

Work Environment                                                                              

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Occasional travel may be required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

QUALIFICATIONS

Skills Preferred

  • VoIP phone systems – Advanced
  • Computer Systems – Advanced
  • CISCO – Advanced 

Behaviors Preferred

  • Team Player: Works well as a member of a group
  • Detail Oriented: Capable of carrying out a given task with all details necessary to get the task done well

Education Preferred

  • Bachelors of Science or better in Computer Engineering or related field.
  • Bachelors of Science or better in Computer Science or related field.
  • Bachelors of Science or better in Mathematics or related field.

Experience Required

Strong understanding of information security concepts and techniques.

Experience Preferred

  • VoIP phone systems
  • VPN administration
  • CISCO networks

To apply for this job please visit recruiting.ultipro.com.