IT Security - Principle Engineer (Flexibile Opportunity) in Secaucus, NJ at Quest Diagnostics

Date Posted: 6/13/2022

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    500 Plaza Drive
    Secaucus, NJ
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    6/13/2022
  • Job ID:
    req94761

Job Description

Title - IT Security, Principle Engineer

Look for more than answers.  Patients and Physicians rely on our diagnostic testing, information and services to help them make better healthcare decisions. These are often serious decisions with far reaching consequences, and require sensitivity, tact and a clear dedication to service. It’s about providing clarity and hope.

You will work for the world leader in the industry, with a career where you can expand your skills and knowledge. You’ll have a role where you can act with professionalism, you can inspire colleagues, and you can care about the work we do and the people we serve.

At Quest, we are on a continuous journey of discovery and development. It’s this attitude that has made us an industry leader and the #1 Diagnostic Lab in the US. For those joining us, we offer exciting and fast moving career opportunities where you can affect change at a rate unheard of in many organizations of our size and scope. While we invest in and develop technology to drive our innovations, our ongoing success relies on our people.

JOB SUMMARY:

The IT Security - Principal Engineer will be a key member of Cyber Defense Operations and Engineering team.  Provide leadership in efforts in deploying and maintaining the tools necessary for security event visibility throughout the organization. Lead efforts in the detection of security events while assisting with the response to key events. Acting as an escalation point for major security incidents, liaising with the Strategic Threat Intelligence Center, and other stakeholders from incident inception to remediation. Interface with other teams across the Company. Ensure compliance with internal and regulatory policies, while applying industry best practices and standards. The IT security - Principal Engineer also must support the continued monitoring, maintenance, and continual improvement of the IT security infrastructure.  The person in this position will be a leader in the IT organization and considered a subject matter expert in the field of IT Security. This position requires advanced, hands-on security expertise. This position may be called upon for around-the-clock, 7 days a week support of security alerts within the QD IT infrastructure and applications.

Please note this position allows for a flexible work arrangement consisting of working from home as well as some days in the office.  

JOB RESPONSIBILITIES:

-Develops security strategies and solutions to improve, augment and enhance the posture of IT Security at Quest Diagnostics.
-Engineer, install, upgrade, maintain, and/or support a variety of security tools. 
-Assists in the coordination and completion of applicable IT security SOP’s.
-Periodically reviews, modifies corporate IT Security standards and procedures as required by changes in technologies, business activities, and regulations.
-Work with IT leadership to develop strategies and plans to enforce security requirements and address identified risks.
-Is a subject matter expert in the area of IT Security and provides technical guidance on any IT projects.
-Develops and maintains detailed knowledge of security products, tools, regulations, and best practices.
-Reports to IT management concerning risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
-Plays a consultative role in application development and lead security role in acquisition/merger projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
-Collaborates on critical IT projects to ensure that IT security issues are addressed throughout the project life cycle.
-Fully understand security policies, standards, processes, and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
-Researches, evaluates, and recommends IT and information-security-related hardware and software, including developing business cases for security investments.
-Flexibility for occasional on call availability as business need dictates given 24/7 business operation

Responsible for the architecture, governance, and operations of the following technologies:
-Design and configuration and support of Network Access Control (NAC) with Cisco ISE
-Design and support 802.1x for Wired and Wireless
-Governance Remote Access VPN - Cisco ASA VPN and zscaler
-Firewall and Intrusion prevention governance – Fortinet
-DNS security management and operations – Cisco Umbrella
-Security Analytics operations support and investigations - LogRhythm
-Network Segmentation and zero trust architecture and governance
-Web Proxy Governance – McAfee and Zscaler
-Endpoint protection governance and investigations - CrowdStrike
-Network Anomaly IA Analytics with Darktrace, configuration, design, and operations.

Technical Competency:

-In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls. 
-Familiar with management frameworks, such as International Organization for Standardization (ISO) 2700x, ITIL, COBIT, PCI, HIPAA and National Institute of Standards and Technology (NIST). 
-Familiarity with risk assessment methods and technologies is preferred. 
-Expertise in performing vulnerability assessments including network, system and/or application vulnerability scanning, penetration testing and remediation methods. 
-Technical knowledge of; mainstream operating systems including, for example, Microsoft Windows, UNIX and Linux; a wide range of security technologies, such as, for example, network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
-Familiarity with cloud computing services such as Microsoft Azure or Amazon Web Services (AWS).

Experience:

-Minimum 10 years’ experience with the implementation and support of an IT Security program including aspects of threat and vulnerability management, security management, and application security related products, projects, procedures, and processes. 
-This person should be able to perform a variety of technical tasks, including, for example, the installation of security software, configuration of software, and problem determination and resolution.

Education:

-B.S. Degree in Cybersecurity, Computer Systems Engineering, Computer Science, Computer Information Systems or equivalent education and experience required.
-Specialized education and/or training in information security highly desirable.
-Security related certifications preferred such as CISSP, SSCP, and GIAC.

Apply Today

Join us for competitive benefits and development opportunities in a progressive and supportive environment. Help us improve our service, and the experiences of our patients and colleagues. Work with us and together we can be better.

Your Quest career. Seek it out.

All requirements are subject to possible modifications to reasonably accommodate individuals with disabilities. Quest Diagnostics is an Equal Opportunity Employer: Women / Minorities / Veterans / Disabled / Sexual Orientation / Gender Identity or Citizenship.