Information Security Engineer

• Design, implement, and deploy security solutions within Microsoft Azure, AWS, and GCP platforms using governance mechanisms such as Azure Policy, Defender for Cloud, AWS Guard Duty, and more
• Drive improvements in log ingestion strategy for the SIEM by applying deep subject matter expertise and by partnering with relevant teams.
• Collaborate with HCSS Dev, DevOps, and IT teams to design and implement security solutions across our ecosystem
• Provide expertise in security data collection and automation, with a focus on enhancing SIEM and SOAR capabilities

Identity and Access Management:

• Collaborate with IT and HR to architect and maintain IAM solutions
• Conduct regular reviews of IAM infrastructure and synchronization, with particular focus on access levels and requirements
• Conduct regular reviews of user and application identities access levels

Incident Response:

• Lead monitoring, analysis and response to security events and incidents
• Engage with team members and stakeholders within the HCSS Security Operations Center
• Develop and maintain incident response plans and procedures
• Participate as a technical resource when security incidents are escalated
• Conduct post-incident analysis to identify root causes and implement corrective actions
• Collaborate with cross functional teams to mitigate and remediate security incidents
• Respond to and investigate security incidents and events
• Prioritize and address security-related tickets in a timely manner

Vulnerability Management:

• Conduct regular security assessments and audits to ensure compliance with industry standards and best practices
• Collaborate with Development and DevOps to address and remediate security vulnerabilities within cloud computing platforms
• Run regular vulnerability reporting for IT assets and locations
• Conduct security assessments for third party applications and integrations
• Stay abreast of the latest vulnerabilities and security technologies

Training and Development:

• Develop and deliver security training programs for employees to promote security awareness and best practices
• Create training materials, including presentations, manuals, and online resources
• Conduct regular security workshops and company-wide presentations to keep staff updated on the latest security threats and mitigation strategies

Do you have experience in Technical training?, Do you have a Bachelor's degree?, * Minimum of 5 years of experience in a security role

• Strong knowledge of Azure security tools and services, including Defender for Cloud, Azure Networking, and Entra ID
• Experience in developing and delivering security training programs
• Proven experience in incident response and handling security incidents
• Excellent communication and interpersonal skills
• Strong analytical and problem-solving abilities

Preferred Qualifications:

• Relevant certifications such as CISM, or Azure Security Engineer Associate are a plus
• Bachelor's degree in Computer Science, Information Security, or a related field is a plus, * Ability to work at our Sugar Land office 2-3 days a week

Pulled from the full job description

• Health insurance
• 401(k) matching
• Vision insurance
• 401(k) 5% Match
• Dental insurance
• Paid holidays, Part of our mission is to provide a great life for our employees. We believe that when our people are happy, they do their best work. Some of the benefits and perks we offer include:
• Flexible hybrid schedule
• Medical, dental, and vision coverage with company-paid and employee-paid options
• Paid holidays, sick days, and personal time off
• Employee Resource Groups (ERGs) that foster connection and inclusion
• On-site amenities including a covered basketball court, soccer field, track, pickleball/tennis courts, gym, etc.
• Dog-friendly campus and WiFi-accessible courtyards
• 401(k) with a 5% company match
• Coverage for employee professional development and wellness
• And more!