Job Number: 20017723

Location: Brentwood, TN

Date Posted: 7-22-2017

Job Title: Information Security Engineer

Apply Now Apply Now

Why naviHealth?

naviHealth is the result of over a decade of dedicated visionary leaders and innovative organizations challenging the status quo for PAC management solutions. We do healthcare differently and we are changing healthcare one patient at a time. How might you ask? By hiring talented clinicians, engineers, analysts, and healthcare leaders to create and utilize cutting edge technology to provide the patient with the best level of care for the right amount of time.

Why Is This Role Critical?

The Information Security – Engineer is a hands-on position that is responsible for maintaining enterprise information security policies, technical standards, guidelines, procedures, and other elements of an enterprise infrastructure necessary to support information security in compliance with established company policies, regulatory requirements (ex. HIPAA), generally accepted information security controls (ISO 27001/2, NIST, etc.) and security best practices (OWASP, SANS, etc.).

What you will be accountable for….

Strategy & Planning

  • Participate in the planning and implementation of enterprise security architecture.
  • Provide security expertise, direction, and assistance to technical staff.
  • Perform audits of security devices and policies to ensure compliance with all regulatory standards, information security controls, and best business practices.
  • Develop and maintain security solutions that facilitate the company’s strategic business needs.
  • Conduct research on emerging technologies in support of systems development efforts, and recommend technologies that will increase improve the enterprise security posture.
  • Recommend security control and systems to support business goals of the company.
  • Implement security systems that have positive budgetary impact by reducing costs and increasing productivity.
  • Enhance the company’s information assets by contributing to its security, integrity, efficiency, availability, and accuracy.
  • Familiar with identity management, role methodologies (ex. RBAC), and least privilege principles.
  • Project Management experience in security platform initiatives.

Operational Management

  • Perform analysis of application, system and security event data in support of identifying or preventing threats.
  • Establish and communicate design and architecture standards via mentoring, technical presentations, and documentation.
  • Interact with all levels of customers, users, and vendors, including executive management, technical personnel, and contractors.
  • Demonstrated ability to provide security thought leadership across the organization.
  • Identify, prioritize and onboard internal, application data feeds to the SIEM platform.
  • Experience working with mainstream firewall platforms in relation to configuration and firewall audits.
  • Assist with Change Management preparations and implementations, providing technical subject matter expertise.
  • Provide security analysis and consultation services for product, system and data protection architecture designs.
  • Lead incident response efforts across the enterprise.

What you will need to be successful……

  • BS/BA Degree preferred.
  • Minimum 5 years’ experience in Information Security. A background in security operations or design & engineering role or any combination of education and experience, which would provide an equivalent background.
  • In-depth knowledge of Role Base Security models and implementations in diverse technical environments
  • In-depth knowledge and understanding of industry-accepted data processing controls and concepts as applied to hardware, software, data network communications, and people.
  • Familiarity with Security Audit Processes, Compliance Remediation, and Best Practices.
  • Previous professional experience with enterprise SIEM.
  • Previous professional experience with Enterprise Monitoring.
  • Experience managing log sources, log types, and automating processing/parsing

The nice to haves……

  • Experience with Palo Alto firewalls
  • Role based access controls (RBAC)
  • Experience with security frameworks such as NIST, HIPAA and FISMA.
  • Experience with IPS and IDS
  • Hands on knowledge of SIEM management, DLP and vulnerability management

About Us

naviHealth is a pioneer in post-acute care and care transitions with a combined unprecedented 18 years of experience that uniquely positions us to manage patients, improve clinical and financial outcomes, and share risk with payors and providers. As a Cardinal Health company, we provide clinical support alongside scalable technology and advisory solutions that empower health systems, health plans, and post-acute providers to navigate care episodes across the continuum, with the goal of reducing waste and improving patient outcomes

naviHealth Values

We care about the people we serve.

We care about each other.

We care about our communities.

We embrace innovation.

We like simple.

naviHealth ™ is proud to be an equal opportunity/affirmative action employer. We are committed to attracting, retaining and maximizing the performance of a diverse and inclusive workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

To apply, your internet browser must be Internet Explorer Version 9 or above, FireFox, Safari or Chrome. If your current browser is Internet Explorer 8 or below, please upgrade your browser before applying

Learn how to update your browser

Meet Gopikrishna

I started my career as an IT programming analyst and have progressed into management. Cardinal Health provides various training programs to help individuals be successful in their job and grow professionally. This is a great place to work because the people here strive to make a great difference in healthcare every day. Gopikrishna, Manager, Software Engineering