Security Engineer at Healthstream Inc. in Nashville, Tennessee

Job Description:

As the #1 advisor for developing and empowering people to deliver the highest quality care, HealthStream's brands include best-in-class apps, software, and specialized solutions. Over the last 30+ years, our Company has remained committed to solving big problems and growing into new product lines. We are constantly innovating and finding new ways to positively impact healthcare organizations.

What does our values-based culture offer you?

• A collaborative work environment
  
• A mission-oriented mindset
  
• Work-from-home flexibility
  
• A chance to grow your career
  

All our HealthStreamers share a common vision: to improve the quality of healthcare by developing the people who deliver care. For over 30 years, we have remained committed to providing effective solutions through innovation and constant growth. Today, we offer a unified suite of products to streamline scheduling, credentialing, training and learning management, workforce development, and other key areas in the healthcare industry. We provide recurring value and, as a HealthStreamer, you will be at the forefront of healthcare technology innovation!

We offer work-from-home flexibility as part of our hybrid workplace policy. Our three Resource Centers (located in Nashville, TN; Boulder, CO; and San Diego, CA) are available for scheduled in-person events or assigned workspaces for those who want to work in the office. Remote team members also have access to flexible space scheduling for occasional use.

We encourage collaboration and commit to growth for our entire team. Our thriving culture allows our team members to continuously solve big problems, and we value these contributions. If you want to work for a company committed to its values and vision, HealthStream is the place for you!

We make sure patients receive competent care from qualified people. As a HealthStream team member, you would help this vision come to life. We pride ourselves on being a community where you can both build your career and take time away to fulfill your life goals and commitments.

Your Role As a HealthStreamer

Position Summary

Working as part of the security team that is responsible for cybersecurity and risk management across the organization, reporting to the Sr. Manager of the Threat and Vulnerability Management team, the Security Engineer will be responsible for identifying and assessing both internal and external threats to the enterprise. This position also monitors the network for malicious activity, assists in investigating intrusions and other security related events.

Essential Duties and Responsibilities

You will be responsible for adhering to all HeathStream security policies, procedures, and assigned training.

• Participating as a member of the Information Security Team.
  
• Assessing vulnerabilities of the network and applications on the network.
  
• Analyzing security alerts to determine root cause.
  
• Performs daily security monitoring to help ensure that the enterprise is able to provide system and data Confidentiality, Integrity and Availability in support of internal and external customers.
  
• Investigate major cyber threats while establishing procedures and processes that support the IT security infrastructure and operations.
  
• Report, act, and document all incidents in a timely manner.
  
• Maintain the Information Technology toolset.
  
• Design, implement, and maintain security controls to safeguard systems, networks, applications, and data.
  
• Automate security tasks to improve efficiency and effectiveness of security operations.
  
• Conduct or participate in penetration testing and vulnerability assessments to proactively identify and remediate security weaknesses.
  
• Participate in designing and implementing a secure IT infrastructure.
  
• Develop and implement a vulnerability management program to ensure timely patching of security vulnerabilities.
  
• Participate in developing incident response playbooks.
  
• Investigate and evaluate security incidents.
  
• Participate in on-call rotation
  
• Analyze security alerts, security logs, and network traffic.
  
• Create and maintain dashboards to ensure security continuity.
  
• Stay abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices to enhance threat hunting techniques and methodologies.
  
• Monitoring for threats utilizing logs and reports from various security tools.
  
• Other duties as assigned.
  

Qualifications

What You Will Need to be Successful

Education, Experience and Knowledge Required

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
  
• Certifications such as Security+, CCNA Security, or CISSP (strongly preferred).
  
• Experience with security tools like firewalls, intrusion detection/prevention systems (IDS/IPS), vulnerability scanners, and security orchestration, automation, and response (SOAR) tools.
  
• Experience with securing cloud environments like AWS or Azure
  
• 3+ years of direct experience working in the Information Security field with experience in two of the following:
  
  
  
  • Windows Server
    
  • Linux Server
    
  • Windows Server/Workstation
    
  • Familiarity with SIEM technologies
    
  • Exposure to scripting languages
    
• Experience performing analysis of log files from a variety of sources, to include Firewall, host and server logs.
  
• Strong understanding of IT controls, vulnerabilities, and systems management.
  
• Strong understanding of general controls and related control validation and testing processes and accepted procedures.
  
• Experience with tools like Tenable, Defender and Tanium
  

Skills and Abilities Required

• Logical thinking and analytical abilities.
  
• Familiarity with identity governance tools and processes.
  
• Aptitude in solving problems independently and as part of a team.
  
• Strong verbal and written communications
  
• An expertise in threat hunting/offsec.
  
• Cloud exposure to AWS and Azure.
  
• Vulnerability management experience with process or program management.
  
• Positive attitude and the ability to work and communicate effectively with all levels of the organization.
  
• Support the mission and goals of the company.
  
• Demonstrate integrity and strong ethical standards.
  
• Experience with multiple computer systems and programs.
  
• Sound decision-making ability.
  
• Solves problems proactively.
  
• Committed to learning better and more efficient ways to accomplish tasks.
  

Benefits

HealthStream offers a comprehensive benefits package to eligible employees, including:

• Medical, Dental and Vision insurance
  
• Paid Time Off
  
• Parental Leave
  
• 401k and Roth
  
• Flexible Spending Account
  

• Health Savings Account
  
• Life Insurance
  
• Short- and Long-Term Disability
  
• Medical Bridge Insurance
  
• Critical Illness Insurance
  

• Accident Insurance
  
• Identity Protection
  
• Legal Protection
  
• Pet Insurance
  
• Employee Assistance Program
  

• Fitness Reimbursement
  

If you have a passion for improving healthcare outcomes and empowering healthcare workers, come join the HealthStream team! We hope you join us and be a HealthStreamer!