The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to departmental budgets, qualifications, experience, education, licenses, specialty, and training. The above hiring range represents the University's good faith and reasonable estimate of the range of possible compensation at the time of posting.
Position Summary
Reporting to the Deputy CIO/Chief Technology Officer, the Senior Cybersecurity Engineer will work with the Cybersecurity team to foster Columbia University Irving Medical Center (CUIMC)-wide cybersecurity best practices. This will include detection and monitoring of network traffic anomalies, creation and monitoring of dashboards, network/application/cloud security architecture implementation, and liaising with University constituents on cybersecurity, incident response, and risk remediation.
Responsibilities
Act as technical lead to monitor and evaluate data from security event information feeds and ticketing systems in order to promptly identify, evaluate and respond to information security incidents impacting Columbia University Irving Medical Center. Recommends and implements mitigating actions to contain incident related activity. 20%
Subject matter expert in security tools for M365 for the medical center to bring the institution closer to Zero Trust standards. 10%
Executes and improves the core functions of incident response including: threat detection and prevention, incident response, systems and network security monitoring, and vulnerability management at enterprise scale. 10%
Reviews cybersecurity incident reports and anomalous network activity and ensures ongoing proactive measures to mitigate risks. 10%
Develops operational scripts required for security operations and tactical response procedures for security incidents. 10%
Prepares and provides accurate and useful security metrics to leadership, based on event feeds and ISO activity, threat intelligence and other analysis. 5%
Liaises with other information technology groups in investigation and resolution of security incidents. 5%
Partners with IT departments across campus to review, select, and integrate the incident response process. 5%
Coordinates response teams during security incidents (phishing, DDOS, malware, etc.) through resolution and to lessons learned stage. Works with Investigation team(s) on serious security violations and conducts root cause analysis for operational security issues. 5%
Maintains ongoing awareness of shifts in threat landscape and attacker methodologies; recommends appropriate strategic and operational changes to the security program to address new threats. 5%
Supports CUIMC IT's initiative to expand into cloud environments, ensuring configuration and vulnerability management is maintained. 5%
All other duties as assigned. 10%
Minimum Qualifications and experience
Bachelor's degree or equivalent in education and experience
Minimum 7-10 years' related experience.
7 years' experience using endpoint security tools to investigate.
7 years' experience of using SIEM to build alerts and dashboards.
Operational experience with incident response, vulnerability management, network and security monitoring and network access control.
The ideal candidate will have an in-depth understanding of the HITRUST CSF based on practical working experiences and a functional knowledge of security standards such as HIPAA/HITECH, PCI-DSS, ISO 27001/2, NIST.
Experience using NetFlow, packet analysis, DNS, system log file analysis, forensics tools, and other alerts to conduct incident response activities.
Knowledge of exploits (e.g. Buffer Overflows and Privilege escalation).
Knowledge of web application exploits (e.g. SQL, Cross-site Scripting and CSRF).
Understanding of networking concepts, network security architecture and common modern operating systems, including Windows, Mac OS X, Linux, Unix, and mobile device platforms including Android and iOS.
Excellent written and verbal communication skills.
Demonstrated ability to work in a fast-paced, deadline driven environment.
Demonstrated excellence in a variety of competencies including teamwork/collaboration, analytical thinking, communication and influencing skills, and technical expertise.
Ability to work with changing priorities and with multiple projects.
Ability to be precise and attentive to detail is essential.
Ability to work with minimal supervision.
Ability to work weekend and off-hour work as and when needed.
Preferred Qualifications
Advanced degree in the Computer Science or technology field.
Experience working in a HIPAA/HITECH/OMNIBUS-regulated environment. Functional knowledge of other relevant compliance regulations (PCI, FERPA, Data Breach Acts, FISMA) and security standards (HITRUST, PCI-DSS, ISO 27001/2, NIST).
Experience working in an academic medical center or hospital environment a plus.
General experience in application installation, configurations, and deployments in enterprise environments.
ISACA, ISC2, or any relevant GIAC certifications highly preferred.
Columbia University is one of the world's most important centers of research and at the same time a distinctive and distinguished learning environment for undergraduates and graduate students in many scholarly and professional fields. The University recognizes the importance of its location in New York City and seeks to link its research and teaching to the vast resources of a great metropolis. It seeks to attract a diverse and international faculty and student body, to support research and teaching on global issues, and to create academic relationships with many countries and regions. It expects all areas of the university to advance knowledge and learning at the highest level and to convey the products of its efforts to the world.