Listing Description

Reporting to

Director, Cybersecurity

In Brief

EVYD is a healthtech company that is building a future where everyone can access better health. As an Engineer for Cybersecurity Operations, you will be responsible for day-to-day activities such as threat and vulnerability management, security incident response and handling, as well as risk and compliance activities. You will help secure our rapidly growing business and meet increasingly stringent regulatory requirements for cybersecurity compliance. 

Key Deliverables 

• Prepare monthly security operation reports including for private IDC, public cloud, and Corporate IT cybersecurity.


• Effective and efficient incident response and resolution.


• Deliver yearly employee awareness training.


• Planning and implementation of cybersecurity projects.

Responsibilities

• Design and implement cybersecurity technology solutions including to meet the security requirements of cloud-hosted systems.


• Design and implement network security features and functionality such as network access controls, inbound and outbound traffic filtering and monitoring, subnetting for isolation, etc.


• Research, evaluate, design, test, recommend, and implement network security tools such as proxy servers, IDS/IPS tools, DDoS prevention tools, etc.


• Research emerging technologies in support of operational security control implementation and enhancements.


• Administer network security and computing devices/systems that enforce security policies and controls.


• Review existing systems and associated configurations and provide recommendations on changes and enhancements.


• Support a wide range of security technologies including, but not limited to SIEM, NIDS/IPS, HIDS, malware analysis and protection, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensic analysis software and security incident response.


• Respond to external audits, penetration tests, and vulnerability assessments.


• Perform incident monitoring and reporting that includes analysis and correlation of information or data for the purpose of identifying intrusion attempts, vulnerabilities, and/or compromises.


• Develop a library of deployable and documented cloud design scripts, processes, and procedures.

Requirements

• Bachelor’s degree in information security, Computer Science, Information Systems Management, or related technology/engineering discipline or equivalent experience required


• 5-8 years of work experience in cybersecurity.


• Experience designing, developing, and/or deploying security tools.


• Working knowledge of Security Operations best practices in AWS Cloud or Azure Cloud.


• Experience in firewall management and rule reviews, IDS/IPS (Network and Host level), vulnerability assessment tools, DLP, Wireless IDS/IPS, sniffers, TCP/IP protocol stack and the OSI layer, content management and filtering systems, VPN, remote access AAA, application whitelisting, password management/vaults, log management and correlation, and device/application hardening requirements.


• Working knowledge of Security Operations best practices in AWS Cloud.


• Experience with security compliance programs such as China MLPS, ISO27001, HIPAA, NIST SP800.


• Experience coding and writing scripts to automate repeatable tasks.


• Hold or willingness to obtain industry-recognized security certifications such as CISSP, CISA, AWS Security Specialty etc.


• Good communication and collaboration skills.


• Self-motivated to improve knowledge and skills.