Job Description
Senior IT Security Engineer - Full Time, Days (Remote) NOR Healthcare Systems Bellflower, CA Job Details Full-time $145,000 a year 14 hours ago Qualifications Endpoint Security Intrusion detection analysis Threat hunting activities HIPAA compliance Incident management Reporting (security system operation) Cloud security management HIPAA Endpoint Detection and Response (EDR) Incident management operations support Healthcare privacy protection Security threat response protocols Log analysis tools Azure AD Management reporting Network monitoring tools Incident report writing
MITRE ATT&CK
Identity and access management (IAM) solutions Incident response implementation Active Directory Full Job Description Position Summary Assists in spearheading the development and enforcement of robust cybersecurity strategies, ensuring the highest level of security across all technological platforms. Leads threat prevention, detection, and remediation efforts for the organization. Responsibilities Design and build robust security infrastructure that includes firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and secure network architectures. Ensure these measures are scalable and integrated seamlessly with existing systems. Perform regular threat assessments to identify vulnerabilities within the network and application layers. Develop and implement strategies to mitigate identified risks, including the deployment of patches, updates, and security enhancements. Lead the incident response team. Respond to security breaches and incidents with urgency, conduct thorough investigations to determine the root cause, and implement corrective actions to prevent future occurrences. Administer security tools and technologies, ensuring they are optimized to detect and prevent malicious activities. Evaluate and recommend new security solutions to enhance defense capabilities. Continuously monitor network traffic for unusual or suspicious activity. Use advanced network security tools to detect and block threats before they can infiltrate or damage the system. Work closely with the IT department and other relevant teams to ensure security measures are aligned with organizational needs. Report on security posture, incidents, and ongoing risk assessments to senior management. Required Qualifications 7+ years of progressive information security experience, with 4+ years in a SOC, threat detection, or incident response role Deep expertise in Microsoft Security stack: Defender XDR, Defender for Endpoint (P2/E5), Defender for Identity, Microsoft Sentinel, and Log Analytics Strong KQL proficiency for custom analytics, threat hunting, and workbook development Hands-on experience with Entra ID / Azure AD, hybrid AD environments, and M365 security administration Demonstrated experience leading incident response engagements from detection through post-incident reporting Working knowledge of MITRE ATT&CK and its practical application to detection engineering Familiarity with HIPAA Security Rule requirements and healthcare security operations context Strong written communication skills; ability to produce clear incident reports and executive summaries Preferred Qualifications Experience in a multi-org, multi-domain M365 tenant environment Hands-on experience with Logic Apps / Azure Automation for SOAR playbooks Familiarity with SentinelOne, Mimecast, Netwrix Auditor, or similar tooling in the NOR stack Experience working alongside DFIR retainer providers (e.g., Kroll, Mandiant) during major incidents Relevant certifications: MS-500, SC-200, SC-300, GCIH, GCFA, GDAT, CISSP, or equivalent Healthcare vertical experience (hospitals, health systems, or covered entities under HIPAA) Experience with BloodHound CE, Impacket, or similar AD security audit tooling Pay Rate:
Min - $145,000 l Max - $145,000 Job Listing ID:
1790308
