Principal Security Engineer (Hybrid)
eClinical Solutions helps life sciences organizations around the world accelerate clinical development initiatives with expert data services and the elluminate Clinical Data Cloud – the foundation of digital trials. Together, the elluminate platform and digital data services give clients self-service access to all their data from one centralized location plus advanced analytics that help them make smarter, faster business decisions.
OVERVIEW
Reporting directly to the VP, IT & Security, the Principal, Security Engineer must strike the balance between highly-skilled security engineer, dynamic team player and mentor. The Principal, Security Engineer will have the necessary skills to oversee day to day security operations, and also be a hands-on, technical resource to lead all offensive and defensive security activities.
You will leverage various internal platforms and use your in-depth understanding of common exploits and tactics to provide network and data security for the business and our clients. To best perform this role, you will be required to stay up to date with current vulnerabilities, attacks, and countermeasures, along with staying current with all security related news and developments.
The Principal, Security Engineer will also help to ensure the organization is properly prepared for audit activities by clients and other third-party auditors. This includes artifact collection as well as regular audits of the company environment and all resources as required.
KEY TASKS & RESPONSIBILITIES
- Oversee cybersecurity services provided by eCS team members, as well as cyber security partners.
- Provide support for day-to-day security, network and user activity alerts, and oversee associated investigations as required.
- Act as an escalation point for all security incidents and assist with 24x7 Cyber Security Incident Response through a cyber security managed services partner.
- Manage all 3rd-part security services including MDR, EDR, UEBA, IAM, Risk/Vulnerability Management, Vulnerability Scanning and Penetration Testing (both internal and external).
- Lead project teams that include eCS IT & Security members and partners, to evaluate, test and deploy security solutions.
- Become a deep technical resource that earns the trust of business partners and executive stakeholders.
- Develop high-quality technical content such as reference materials and documentation.
- Mentor and develop the eCS security operations team members and other functional areas as needed.
- Provide detailed vulnerability assessment reports to the Business monthly and on demand.
- Manage Phishing Simulations and provide monthly reports to the Head of IT/Security.
- Oversee virtual and in-person end-user cyber security awareness training.
- Attend regular vendor training and informational sessions to keep knowledge and experience current.
CANDIDATE’S PROFILE
Education Experience:
- 10+ years of extensive technical experience working with cybersecurity solutions.
- 3+ years of AWS experience working with Directory Services, CloudWatch, CloudTrail, IAM, GuardDuty, KMS, SecurityHub, WAF, Shield and other related tools.
- Bachelor's degree in Computer Science, Information Technology or a related discipline, or equivalent combination of professional and/or military experience/education.
- Industry-recognized certifications for networking and security, e.g. AWS Security, CISSP, Network+, Security+, etc.
Professional Skills:
- Excellent knowledge of English
- Strong Presentation/Public Speaking skills
- Ability to multi-task, prioritize, and manage time effectively.
- Excellent decision-making, problem solving and critical thinking skills
- Excellent interpersonal skills and professional demeanor.
- Strong verbal and written communication skills.
Technical Skills:
- Extensive experience working within AWS (EC2/S3), Microsoft Directory Services and M365 (Azure, SharePoint, Teams, OneDrive, etc.)
- Preferred experience with Okta, Arctic Wolf, SentinelOne, Zscaler, and other similar tools.
- Solid experience in remediating or mitigation malware and/or cyberattacks, as well as experience offensive/defensive security and threat hunting.
- Solid understanding of DNS, SMTP, SFTP, TCP/IP, BGP, ARP/RARP and other related protocols.
- Solid understanding of SIEMs, IAMs, UBA/UEBA, EDR and other cyber security solutions.
- Extensive experience managing compliance with GDPR, SOC, ISO 27001/27701, CFR, etc.
- Solid understanding of security operations better practices and procedures.
- Extensive experience using security tools to monitor & secure systems and network resources.
Accelerate your skills and career within a fast-growing company while impacting the future of healthcare. We have shared our story, now we look forward to learning yours!
eClinical is a winner of the 2023 Top Workplaces USA national award! We have also received numerous Culture Excellence Awards celebrating our exceptional company vision, values, and employee experience. See all the details here: https://topworkplaces.com/company/eclinical-solutions/
eClinical Solutions is a people first organization. Our inclusive culture values the contribution that diversity brings to our business. We celebrate individual experiences that connect us and that inspire innovation in our community. Our team seeks out opportunities to learn, grow and continuously improve. Bring your authentic self, you are welcome here!
We are proud to be an equal opportunity employer that values diversity. Our management team is committed to the principle that employment decisions are based on qualifications, merit, culture fit and business need.
Apply for this job
*
indicates a required field