Share Email Opening Apply Now
Title

Security Engineer 

About the Organization
eMDs offers exciting opportunities that will challenge your abilities, expand your skills and reward your contributions in an atmosphere that encourages both personal and professional growth for all.

Additionally, eMDs offers competitive compensation, excellent benefits, and a positive work environment designed around the philosophy of mutual respect and the challenge of contributing to the continued success of our organization.

Our History

eMDs was founded in 1996 by David Winn, MD, a board-certified family practice physician with a very strong business background who understood the value of having an integrated practice management system which helped physicians focus on patients while optimizing practice financials. Dr. Winn was dissatisfied with offerings on the market, and set out to create his own. The eMDs clinic was first implemented in 1998. Using our own practice management system meant we fully understood what it takes to create the perfect EHR system and why the company built our reputation upon being a highly usable system.

Many years later, we've retained the same values from our early days. We are dedicated to building the best integrated EHR and RCM systems and services. We focus on listening to our customers. And most importantly, we focus on making the practice of medicine enjoyable and fulfilling.

Our Leadership

Since our founding, we have been privileged to have been led by certified healthcare professionals and proven IT leaders.
 
Category Information Technology  
Close Date  
Description

Summary of Job:
The Information Security Engineer will report to the Director of Information Security and will be responsible for the day-to-day management of the security posture of on-premise, datacenter and cloud infrastructure. The ideal candidate will have experience working as part of a team and demonstrate a can-do attitude toward a variety of projects and tasks.
This position will require a focus on GRC standards, namely HIPAA and PCI, and the successful candidate will be able to align company security controls with these requirements.
The Information Security Engineer will need to be skilled and experienced in at least 5 of these areas of knowledge with a specific focus on security: Logging and Monitoring (particular emphasis on SIEM is a plus), Endpoint Security, Next-Gen Firewalling and IPS, Security Architecture and Design, At-Rest Encryption (both structured and unstructured data), Active Directory domain security (emphasis on various STIG configurations and security-specific GPO configs), Tokenization, BYOK, Windows Operating System Security, Penetration Testing (opensource and/or commercial tools), Microsoft RDS, Application Whitelisting, Office 365, HIPAA Security Rule Technical Controls, SOC 2 Security Controls, VMWare, IIS Security, Enterprise Load Balancers (specific emphasis on TLS offload), DevSecOps, Threat Modeling, Incident Response and Auditing / Event Alerting.
The position will present the candidate with a wealth of opportunity to learn new technologies and advance their skillset along any number of paths, and the successful candidate will take advantage of those opportunities and grow themselves as they grow with the company.

There will be no supervisory responsibilities with this position.

Essential Duties and Responsibilities:
• Primary stakeholder with company firewalls and IPS clusters. Responsible for day-to-day management, monitoring and configuration.Primary stakeholder with company load balancers. Responsible for day-to-day management, monitoring and configuration.

• Work with Director of Information Security to manage and configure at-rest encryption of sensitive data. This will include large data sets of highly sensitive data in a production environment where downtime is not permitted.
• Work with Director of Information Security to provide day-to-day management of both HIPAA security controls and SOC 2 controls to provide for company compliance with Security Rule mandates.
• Required to be a part of the inter-departmental RFC change control team to meet weekly and review any proposed changes to any of the production environments. Will be required to voice any concerns a change might have on security posture and be able to offer suggestions for how to provide for security.
• Will occasionally be called upon to join deployment teams during late night maintenance windows, when a security presence is required.

 
Position Requirements

Qualifications:
The ideal candidate will have:
• Minimum 7 years in an information security role, providing design, management or architecture
• Minimum 5 years with hands-on Cisco firewalling and IPS management. Any experience with Cisco ASA, FirePower, AMP, CloudLock or Umbrella is a plus.
• Minimum 5 years working with Windows Active Directory, specifically targeting the use of GPO to drive security initiatives such as Windows firewall configuration, STIG implementation or disk encryption
• Minimum 5 years in endpoint security, including firewalling, HIPS or advanced malware protection tools
• Minimum 3 years working with and configurating SIEM technologies. Logrhythm experience is preferred, but experience with any vendor will count.
• Some level of experience with or basic knowledge of cryptography as it relates to at-rest encryption of sensitive data. This includes both structured and unstructured data. Any experience with Thales eSecurity platforms such as Vormetric DSM, VTE, LDT, VTS, BYOK is highly prized, but not required.
• Any security certifications, such as CISSP, CEH, GSEC, CCNA (R&S,Security), OSCP are a plus
• Any experience with penetration testing tools, such as Kali Linux, Nessus, Qualys or exploit kits such as Metasploit, BeEF, Websploit is desired, but not required.
• Any knowledge of opensource operating systems and applications is a plus
• Any experience with scripting languages and automation is a plus, specifically PowerShell and TCLAny other network administration or engineering experience is certainly a plus. This includes routing & switching, dynamic routing protocols, virtualization, MS SQL Server management, MS SCCM

Other Details about the Job:
This position is expected to have very little in travel requirements. Very occasionally some travel to Dallas can be expected, but it should remain below 5%. The company does have a large off-shore presence in Asia, and future plans for travel are possible, but not expected at this time.
eMDs does offer competitive compensation packages, including paid sick/vacation, benefits and retirement plans.

 
Full-Time/Part-Time Full-Time  
Shift Days  
Tag  
Post Internal Days  
Number of Openings  
Position Security Engineer  
Post Internal Days 0  
Number of Openings 1  
Number Filled 0  
Exempt/Non-Exempt Exempt  
Req Number INF-19-00001  
Open Date 5/23/2019  
Location Austin (Corporate Office)  
EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.  

This position is currently accepting applications.

Apply Now



WE ALSO RECOMMEND

Other Jobs Within Same Category
-- None found --



Other Jobs Within 60 Miles
Marketing Content Coordinator in Austin, Texas
Posted on: 11/12/2019
[Apply Now]

Salesforce Administrator Developer in Austin, Texas
Posted on: 10/23/2019
[Apply Now]

CVO Coordinator in Anywhere, USA
Posted on: 10/31/2019
[Apply Now]

Software Support Specialist Tier I in Austin, Texas
Posted on: 6/4/2019
[Apply Now]

Software Support Specialist - Tier I in Austin, Texas
Posted on: 6/4/2019
[Apply Now]



Follow us See who works here:
 



Click here for technical assistance.