Description
Position Title: Infrastructure Security Engineer
Department: Strategic Information and Systems
Reports to: Director of Information Technology
Location: Boston/US-Remote (5-10% Travel)
Position Overview
The Infrastructure Security Engineer is responsible for designing, organizing and maintaining the organizations Cybersecurity posture. This individual will play a key role in championing security initiatives throughout the organizations technology platforms on premise and hosted within cloud environments.
The Infrastructure Security Engineer is a highly technical hands-on individual contributor to the Information Technology department. The SE is responsible for implementing best practice security methods as well as identifying existing processes within the organization for security improvements where possible. The SE will work with a team of IT members within the US as well as the Partners In Health (PIH) global care delivery IT members to support and maintain the organizations security posture. The SE will be part of a team working towards NIST CSF implementation within the organization.
Responsibilities
- Participate in conducting gap analyses, security and risk assessments with both internal and external stakeholders.
- Coordination with multiple departments to identify, triage, and remediate gaps in current security posture.
- Work with a variety of security efforts that span areas such as cloud infrastructure, application, system, and network level initiatives.
- Implement & integrate various LOB and solutions with MFA & 2FA where possible.
- Integrate and manage SAML/SSO configurations across various applications and platforms.
- Manage and maintain IdP & SSPR/MFA platform.
- Implement & integrate SIEM solution across various organizational platforms.
- Implement & integrate ATP/EDR/MDR/XDR solution across organizational on premise and cloud based environments.
- Implement, manage & maintain phishing campaigns across the organization.
- Implement & integrate IAM/PAM, access policies across various organizational platforms.
- Design, manage and maintain monitoring & alerting platform to proactively secure potential risks across the organizational landscape.
- Support designing and implementation of GRC matrix.
- Build automation to manage and maintain security updates across various applications, operating systems.
- Manage and maintain certificates through automated and manual processes.
- Able to design, plan and lead security and systems improvement projects.
- Document processes and implementations across the plethora of environments and systems managed by the IT team.
Other duties assigned to ensure the proper functions of the team & meet organizations needs as identified.
Qualifications
- Bachelor (4-year) degree, with a technical major, such as engineering or computer science.
- Work experience in place of Bachelor degree (5 years as System Engineer or equivalent).
- Three – five years of Information Security discipline.
- Experience with NIST, CIS, CMMC, ISO 27001/2, GRC frameworks and their implementation process.
- Certifications related to SEC+, CEH, CISSP.
- Problem-solving skills.
- Technical and organized attitude.
- In-depth knowledge of computer and network systems.
- Ability to travel up to 2-4 weeks per year and lift up to 50lbs.
- Ability to describe technical information in easy-to-understand terms.
- Exemplary interpersonal skills; ability to collaborate effectively with culturally diverse staff across departments and country.
- Interest in social justice strongly desirable.
Organizational Profile
Partners In Health (PIH) is a non-profit, global health organization that fights social injustice by bringing the benefits of modern medical science first and foremost to the most vulnerable communities around the world. PIH focuses on those who would not otherwise have access to quality health care. PIH partners with the world’s leading academic institutions to create rigorous evidence that shapes more sound and all-inclusive global health policies. PIH also supports local governments’ efforts to build capacity and strengthen national health systems.
As of today, PIH runs programs in 11 countries (Haiti, Peru, Rwanda, Mexico, Sierra Leone, Liberia, Malawi, Lesotho, Russia, Kazakhstan, Navajo Nation), where it provides direct care to millions of patients, through public facilities and community engagement.
Partners In Health (PIH) is committed to the fundamental principle of equal opportunity and equal treatment for every prospective and current employee. It is the policy of PIH not to discriminate on the basis of race, color, national or ethnic origin, ancestry, age, religion, creed, disability, sex and gender, sexual orientation, gender identity and/or expression, military or veteran status, or any other characteristic protected under applicable federal, state or local law. PIH works in and with a number of governments in and outside the U.S., and to the extent applicable, this statement is intended to incorporate the prohibition of any unlawful discrimination covered by applicable laws in such countries, states and municipalities.
Partners In Health participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9.
More Information
- $ Salary Offer POA