Option Care Health Security Information Engineer in Bannockburn, Illinois
Extraordinary Care. Extraordinary Careers.
With the nation’s largest home infusion provider, there is no limit to the growth of your career.
Option Care Health, Inc. is the largest independent home and alternate site infusion services provider in the United States. With over 6,000 team members including 2,900 clinicians, we work compassionately to elevate standards of care for patients with acute and chronic conditions in all 50 states. Through our clinical leadership, expertise and national scale, Option Care Health is re-imagining the infusion care experience for patients, customers and employees.
At Option Care Health we recognize that part of being extraordinary is supporting and building a workforce that is as diverse as the patients and communities we serve.
Join a company that is taking action to develop a culture that is more inclusive, respectful, engaging and rewarding for all team members. We are committed to hiring, developing, engaging and retaining a diverse workforce.
Job Description Summary:
The security engineer is a technical role focused on supporting the implementation, execution, and optimization of security controls within the company. Engineers make things happen and this role involves the technical execution of all security settings, technologies, and processes required to ensure our risk reduction assumed with the control is realized. In addition, this role requires an individual who also understands how their role fits into a broader strategic vision. Candidates must have technical competence and expertise as well as a background understanding business needs and supporting response.
Job Responsibilities (listed in order of importance and/or time spent)
Lead security projects including the integration of security into various facets of IT Operations and business operational activities and programs
Plan, schedule, and implement security tool upgrades, implementations, and migrations in a timely manner, and during times that will have the minimum impact on the users of the affected networks & systems.
Mentors more junior security engineers and security analyst in order to advance the level of depth of Option Care’s technical security program across the enterprise
Provides second-level support for Security implemented projects based on need agreements. This may include SSO/MFA Authentication, endpoint protection, IDS/IPS perimeter security and vulnerability management.
Assists in the configuration and implementation of open-source/third-party tools to assist in detection, prevention and analysis of security threats
Conducts periodic network vulnerability scans in order to identify system and application vulnerability risk and ensure compliance
Participates in the selection, Proof of Concept, implementation and operational deployment of new security technology solutions to ensure the confidentiality, integrity and availability of business data
Proactively implements (new, upgrade, maintenance), monitor and support enterprise Security Tools
Monitors networks and systems for security incidents / events, through the use of software that detects intrusions and anomalous system behavior
Leads incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the security incident happened and the extent of the security incident
Develops specific / custom cybersecurity countermeasures and risk mitigation strategies for systems and/or applications in an evolving production environment
Validates IT solutions collaboratively with infrastructure and application development project teams ensuring that corporate security policy, standards and industry best practices are met
Stays current with developing technologies, emerging threat landscape and predict impact of changing technologies.
Participates in the implementation of security technologies in coordination with a project manager
Works with third party vendors to lead the definition of needs and requirements for security technology enhancements and implementation.
Assists and supports junior members of the security team as they perform vulnerability, network and network security assessments remediation.
Ability to handle multiple tasks/initiatives simultaneously and the ability to handle substantial deadline pressures
Does this position have supervisory responsibilities?
(i.e. hiring, recommending/approving promotions and pay increases, scheduling, performance reviews, discipline, etc.)
Basic Education and/or Experience Requirements
Bachelor’s degree and/ or at least 5 years of technical engineering experience in the Information Security field.
Information Security Certification(s) - CompTIA Security +; CompTIA CySA+; CEH; CISM; OSCP; GSEC and/or CISSP
Knowledge of Information Security technical and functional areas and the operation of key tools as they related to these areas.
Knowledge of Information Security functional areas such as metrics analysis, vulnerability management, policy implementation and technological controls.
Understanding of API's and the ability to make API calls from applications
Knowledge of Cloud (SaaS, IaaS, & PaaS) Security architecture
Working knowledge of risk and security frameworks, standards, and best practices (e.g. NIST, ISO, SANS Critical Security Controls.)
Experience with the tasks identified within the position description above, including planning, engineering, forecasting and implementation, and identification of resource requirements for information security systems or information security configuration requirements associated with business systems
Technical knowledge of how various classes of threats and vulnerabilities function and methods to address those threats and risks
Ability to understand security and business risk in order to provide quality customer service to the business. Results oriented with a sense of urgency and a strong desire to continuously learn and improve
Excellent verbal and written communication skills to collect analyze and present data. Excellent data analysis, reporting and problem solving skills.
Proven leadership skills, ability to work in a fast-paced start-up environment
Demonstrates initiative, able to work independently with minimal supervision yet can work well in a team environment and is customer focused.
Solid conflict management and decision making skills
Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis
Demonstrates initiative, must be self-starter with the ability to work independently with minimal supervision yet can work well in a team environment and is customer focused.
Travel Requirements: (if required)
Willing to travel up to 10% of the time for business purposes (within state and out
Preferred Qualifications & Interests (PQIs)
Knowledge of common security vulnerabilities such as: XSS/CSRF, SQL Injection, Buffer Overflow, Lateral movement, privilege escalation, and DoS attacks.
Ability to understand complex systems and interfaces and create current state system architecture diagrams, highlighting security components
Ability to articulate issues, risks, and proposed solutions to various levels of staff and management
Knowledge and understanding of data security controls including malware protection, firewalls, intrusion detection systems, content filtering, Internet proxies, encryption controls, and log management solutions
Technical Knowledge to include:
Tenable / Nessus Vulnerability Management Application(s)
McAfee Products (ePO, Web Gateway)
Advance knowledge of Windows Administration
Basic knowledge of Linux Administration
Microsoft Active Directory Group Policy
Microsoft O365 and Azure Security
System hardening (CIS, NIST)
Forensics Tools (ex: FTK; Encase, etc…)
Scripting Languages - MS PowerShell & Python
This job description is to be used as a guide for accomplishing Company and department objectives, and only covers the primary functions and responsibilities of the position. It is in no way to be construed as an all-encompassing list of duties.
Option Care Health subscribes to a policy of equal employment opportunity, making employment available without regard to race, color, religion, national origin, citizenship status according to the Immigration Reform and Control Act of 1986, sex, sexual orientation, gender identity, age, disability, veteran status, or genetic information.
For over 40 years, Option Care Health has provided adult and pediatric patients with an alternative to hospital infusion therapy. With more than 2,900 clinical experts, Option Care Health is able to provide high-quality infusion services for nearly all patients with acute and chronic conditions across the United States, resulting in high quality outcomes at a significantly reduced cost. Option Care Health has more than 70 infusion pharmacies and 100 alternate treatment sites. We are guided by our purpose to provide extraordinary care that changes lives through a comprehensive approach to care along every step of the infusion therapy process including: intake coordination, insurance authorization, resources for financial assistance, education and customized treatments.
Option Care Health
- Option Care Health Jobs