Aetna Info Sr Security Engr in Hartford, Connecticut

Req ID: 42084BR

POSITION SUMMARY

Security engineer role focusing on security monitoring, incident response and security control design. Join our rapid paced security team, where we focus on cyber security from a true risk based perspective. This is an excellent opportunity to work in the healthcare space while learning, creating and implementing techniques to reduce cyber risk in a supportive and challenging environment.

Fundamental Components:

HIPAA, ARRA(HITECH), and CMS regulation experience preferred, working in a highly regulated sector

Able to clearly identify, articulate and act on newly identified risks, including developing and implementing controls to address risk. Perform ongoing information risk assessments and audits to ensure that information systems are adequately protected and meet regulatory requirements. Identify, validate and track security incidents; actively participate in resolution; escalate security issues as needed. Own, maintain, and support security tools in support of security operations, the infrastructure team, and the development team. Develop and maintain a knowledgebase comprising a technical reference library, security advisories and alerts, security trends and applicable laws and regulations. Review, perform, assess, and mitigate internal and 3rd party penetration test and assessments. Monitor security vulnerability information from vendors and third parties Monitors, responds, and analyzes security alerts from monitoring tools, SIEM experience desired

Administer intrusion detection/prevention systems, anti-virus, and DLP solutions

Implement or coordinate remediation required by audits, and document exceptions as necessary

Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities

Review, perform, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure

Monitor security vulnerability information from vendors and third parties

Working knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts

Experience with any of the following desired Websense, Nessus, Qualys, ServiceNow, AppScan, Web Inspect, Burp Suite, BackTrack, or Kali Hands-on Experience with Linux, Unix and Windows versions Unix scripting skills preferred (BASH, Perl, Python, PHP, etc) Powershell, batch, or VB scripting skills preferred

BACKGROUND/EXPERIENCE desired:

Bachelors or work equivalent

Deep experience and knowledge of Security Control Design, TCP/IP and network concepts, encryption, firewalls, WAF (Web Application Firewalls) and host-based security tools. Demonstrable knowledge of Python, BASH/Shell and/or PowerShell scripting.

EDUCATION

The highest level of education desired for candidates in this position is a Bachelor's degree or equivalent experience.

LICENSES AND CERTIFICATIONS

Information Technology/GIAC Security Essentials Certification (GSEC) - Global Information Assurance Certification is desired

Information Technology/Security+ Certification - Computing Technology Industry Association (Comp TIA) is desired

FUNCTIONAL EXPERIENCES

Functional - Information Technology/Security/4-6 Years

Functional - Information Technology/Infrastructure management/1-3 Years

Functional - Information Technology/Application maintenance & support/1-3 Years

TECHNOLOGY EXPERIENCES

Technical - Security/Intrusion Detection/1-3 Years/

Technical - Operating Systems/Windows/1-3 Years/

Technical - Operating Systems/UNIX/1-3 Years/

Technical - Security/Vulnerability Scanner/1-3 Years/

REQUIRED SKILLS

General Business/Demonstrating Business and Industry Acumen/MASTERY

General Business/Ensuring Project Discipline/MASTERY

Service/Working Across Boundaries/MASTERY

DESIRED SKILLS

Technology/Leveraging Technology/MASTERY

Technology/Promoting Emerging Technology/MASTERY

Technology/Selecting and Applying Technology Solutions/ADVANCED

ADDITIONAL JOB INFORMATION

Monitors, responds, and analyzes security alerts from monitoring tools, SIEM experience desired

Assist in the management of , intrusion detection/prevention systems, anti-virus, and DLP solutions Implement or coordinate remediation required by audits, and document exceptions as necessary Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities Review, perform, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure Monitor security vulnerability information from vendors and third parties Experience in Incident Response Working knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts Working knowledge of TCP/IP and network administration/protocols including encryption Experience with any of the following desired Symantec Endpoint Protection, Checkpoint Endpoint Protection, Websense, Nessus, AppScan, Web Inspect, LogRhythm, Burp Suite, BackTrack, or Kali Hands-on Experience with Linux, HP-UX, and Windows versions Unix scripting skills preferred (BASH, Perl, Python, PHP, etc) Powershell, batch, or VB scripting skills preferred

Aetna is about more than just doing a job. This is our opportunity to re-shape healthcare for America and across the globe. We are developing solutions to improve the quality and affordability of healthcare. What we do will benefit generations to come.

We care about each other, our customers and our communities. We are inspired to make a difference, and we are committed to integrity and excellence.

Together we will empower people to live healthier lives.

Aetna is an equal opportunity & affirmative action employer. All qualified applicants will receive consideration for employment regardless of personal characteristics or status. We take affirmative action to recruit, select and develop women, people of color, veterans and individuals with disabilities.

We are a company built on excellence. We have a culture that values growth, achievement and diversity and a workplace where your voice can be heard.

Benefit eligibility may vary by position. Click here to review the benefits associated with this position.

Aetna takes our candidate's data privacy seriously. At no time will any Aetna recruiter or employee request any financial or personal information (Social Security Number, Credit card information for direct deposit, etc.) from you via e-mail. Any requests for information will be discussed prior and will be conducted through a secure website provided by the recruiter. Should you be asked for such information, please notify us immediately.

Job Function: Information Technology