As the leader of rehabilitative care, Encompass Health offers both facility-based and home-based patient care through its national network of rehabilitation hospitals, home health agencies, and hospice agencies that spans 42 states and Puerto Rico. Setting the standard for providing excellent care, Encompass Health has earned its place among Modern Healthcare’s “Best Places to Work in Healthcare” and the Fortune “World’s Most Admired Companies” for 2021.
As a Senior Security Engineer - SIEM Administrator for Encompass Health Corporation, you will participate on a team of individuals supporting EHC architecture, security controls, and response capabilities. As a member of the Security team, you will support the SOC and architecture team's efforts to develop logging, detection, and response capabilities. This senior-level position is primarily responsible for the management and development of the EHC SIEM. The Senior Security Engineer - SIEM Administrator will be responsible for onboarding new data sources, managing data structures, and assisting the security team in developing detection and automating response capabilities.
- Minimum 2 years of experience in SIEM management, or large-scale cyber security data analytics.
- Associate's degree or undergraduate degree related to computer science or information security recommended. Additional equivalent work experience may be substituted for the degree requirement.
- Strong understanding of Python and Unix shell scripting.
- Strong understanding of parsing and transforming event data with regex and custom log parsers in Logstash.
- Strong understanding of data lifecycle management and index optimization within Elasticsearch.
- Experience integrating security solutions in a multi-vendor environment.
- Experience managing data structures within Elasticsearch.
- Experience with message queuing software such as Redis or Kafka.
- Experience with virtualization and automation technologies such as Docker, Ansible or Vagrant.
- Experience building detection use cases for alerting and dashboards for analysis with Kibana.
- Experience building API integrations using Python.
- Experience with STIX/TAXII threat feed integrations.
- Experience with MISP threat sharing platform.
Machines, Equipment Used:
- General office equipment such as computer/laptop, telephone, copy/fax machine, calculator, scanner, etc.
- Microsoft Office software, to include Outlook, Word, and Excel.
- Visual acuity, speech recognition, speech clarity.
- Ability to lift, lower, push, pull, and retrieve objects weighing a minimum of 15 pounds. Reasonable assistance may be requested when lifting, pushing, and/or pulling exceeds these minimum requirements.
Skills and Abilities:
- Ability to document data flows and processes within the SIEM environment.
- Ability to work with IT administrators to assist with data collection and parsing, and to define parsing requirements.
- Ability to speak, read, write, and communicate effectively.
- Ability to coordinate, analyze, observe, make decisions, and meet deadlines in a detail-oriented manner.
- Ability to work independently without constant supervision.
- Indoor, temperature controlled, smoke-free environment.
- Handicapped accessible.
- May work under stressful circumstances at times.
Proficiency or Productivity Standards:
- Has regular, reliable, and predictable attendance and punctuality.
- Adheres to dress code including wearing ID badge.
- Adheres to Standards of Business Conduct.
- May be required to work weekdays and/or weekends, evenings and/or night shifts if needed to meet deadlines.
- May be required to work on religious and/or legal holidays on scheduled days/shifts.
- May be required to perform other duties as assigned by supervisor.
- This position will support cultural diversity by promoting and maintaining an inclusive work environment and culture that is respectful and accepting of diversity.
Job ID: 2126455