Careers

A Security Consultant is responsible for providing industry expertise to First Health’s clients. Consultants can perform a variety of tasks based on the individual needs of First Health’s clients; a Consultant strives to make improvements and help the client achieve success.

Responsibilities and Duties

• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Skills and Qualifications

• Familiarity with IoMT, associated software and common deployment models
• Demonstrated understanding of vulnerabilities and how they are exploited
• Performs data analysis and produces reports
• Monitors security devices, including procedures for detecting, reporting, and responding to security incidents.
• Collaborates with stakeholders on security initiatives and projects
• Interpersonal communication skills to effectively interface with internal/external clients.
• Ability to work well with internal technical staff and external clients and technology partners
• Communicates effectively with the HTM/Biomed/CE Manager and other Biomedical Equipment Technicians on a regular, formal, and informal, basis.
• Provides consultation to departments, clinicians, and leadership.
• Facilitates security risk assessments and provides advice for the implementation of compensating security controls on healthcare technology.
• Understanding of product cybersecurity and the relationship between threat, vulnerability, and potential client risk in the context of risk management.
• Understanding of industry standards such as the NIST Cybersecurity Framework.
• Strong analytical ability to solve complex technical problems.
• Knowledge of passive and active scanning and vulnerability management technology.
• Knowledge of the embedded systems design, implementation, and security controls.

Education and Experience – Bachelors in Engineering or equivalent

1-5 years Security experience

1-3 years Biomed experience

A Senior Security Consultant is responsible for providing industry expertise to First Health’s clients. Senior Security Consultants can perform a variety of tasks based on the individual needs of First Health’s clients. As tenured consultants, a Senior Security Consultant helps mentor other consultants, takes on more than one client project, and can present various project/program updates to client stakeholders; a Senior Security Consultant strives to make improvements and help the client achieve success.

Responsibilities and Duties

• Support multiple First Health clients in support of program/project tasks
• Present assessment findings and/or program/project updates to client stakeholders
• Mentor Security Consultants
• Track program/project tasks to ensure timely competition and delivery
• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Skills and Qualifications

• Familiarity with IoMT, associated software and common deployment models
• Conducting IoMT vulnerability management functions and prioritizing remediation
• Demonstrated understanding of vulnerabilities and how they are exploited
• Validated experience using one or more common vulnerability scanners
• Experience working with remediation teams and management
• Performs data analysis and produces reports
• Experience monitoring, detecting, reporting, and responding to security incidents
• Collaborates with stakeholders on security initiatives and projects
• Strong communication skills to effectively interface with internal/external clients
• Communicate effectively with the HTM/Biomed/CE Managers and Technicians
• Assists with design and implementation of the medical device security infrastructure
• Develop and maintains health technology security best practices
• Facilitates security risk assessments and provides advice for the implementation of compensating security controls on IoMT
• Understanding of industry standards such as the NIST Cybersecurity Framework
• Knowledge about the latest methodologies for vulnerability management and technologies and tools used
• Broad knowledge of medical devices, IT Security, and general systems infrastructure
• Experienced-based knowledge and serve as first point of escalation for security related events/issues.
• Knowledge of passive and active scanning and vulnerability management technology.
• Knowledge of the embedded systems design, implementation, and security controls.

Education and Experience

5-10 years Security experience

3-5 years Biomed experience

First Health’s Security Project Manager is responsible for coordination and executing security projects and technology implementations.  The Security Project Manager may also help to lead and deliver assessments for clients. The Security Project Manager is responsible for delivering excellent client service and ensuring that project deliverables are completed on time.

Responsibilities and Duties

• Manage delivery of First Health projects according to scope of work and contractual obligations
• Identify and mitigate risks which may impact successful delivery of projects
• Manage third party vendors, client vendors, project team and others assigned to First Health projects and delegate tasks as needed
• Provide industry-specific expertise, best practices and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize client meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Skills and Qualifications

• Implementing IT & HTM/Biomed/CE Projects
• Communicating effectively with the HTM/Biomed/CE Manager and other Biomedical Equipment Technicians on a regular, formal, and informal, basis.
• Project Lead responsible for project planning, client presentations, task assignment and project status reporting
• Project manage responsible for overall schedule (budget & timeline)
• Part of project team
• Implement new technology, application, and infrastructure
• Supporting application development, network configuration, new technologies, services, and system requirements.
• Familiarity with medical equipment, associated software and common deployment models
• Strong technical communication and leadership skills to lead implementations
• Ability to work well with internal technical staff and external clients and technology partners
• Experience leading committees, sub-committees, workgroups, and governance participation
• Works with business and technical stake holders to research, assess, evaluate, and support the implementations of security related projects.
• Complies with organizational change management process.

Education and Experience

3-5 years Security experience

1-3 years HTM/Biomed experience

1-5 years Project Management experience

First Health’s Senior Security Project Manager is responsible for leading and or contributing to First Health client projects and programs. The Senior Security Project Manager is responsible for overseeing client projects/programs and delivering excellent client service as well as providing direction to the First Health project team and Consultants.  The Senior Security Project Manager may also act as the client point of contact and liason for client executive team.

Responsibilities and Duties

• Manage delivery of First Health projects according to scope of work and contractual obligations
• Lead First Health client projects, programs, and teams
• Provide industry-specific expertise and guidance to clients
• Responsible for updating First Health Senior Leadership on project/program progress
• Manage the relationship and communication with the client and all stakeholders, ensuring the project is delivered to their satisfaction.
• Support First Health Leadership and sales with project/program objectives, scope, roles & responsibilities
• Help establish measurement approach, track progress towards client priority goals
• Recommend changes to a project that is ongoing if it appears it is not proceeding on schedule or is producing unsatisfactory results
• Identify and mitigate risks which may impact successful delivery of projects
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Skills and Qualifications

• Implementing IT & HTM/Biomed/CE Project
• Communicating effectively with the HTM/Biomed/CE Manager and other Biomedical Equipment Technicians on a regular, formal, and informal, basis
• Project Lead responsible for project planning, client presentations, task assignment and project status reporting
• Directly supported Executive Project Sponsor
• Implement new technology, application, and infrastructure
• Supporting application development, network configuration, new technologies, services, and system requirements.
• Familiarity with medical equipment, associated software and common deployment models
• Strong technical communication and leadership skills to lead implementations
• Ability to work well with internal technical staff and external clients and technology partners
• Experience driving organizational change management processes.
• Experience leading committees, sub-committees, workgroups, and governance participation

Education and Experience

5-10 years Security experience

3-5 years HTM/Biomed experience

5-10 years Project Management experience

1-3 Years of Direct Report Experience

First Health’s Application Specialist is responsible for contributing to the technology platforms we implement to First Health client projects. The Application Specialist is responsible for source code development, user script development and configuration of platform based on user requirements and delivering excellent client.  The Application Specialist will also be responsible for data migration management, data table mapping and may also act as the client point of contact for their technical applications and infrastructure teams.

Responsibilities and Duties

• Discover, design and implement solutions leveraging current and new ServiceNow features
• Participate in client workshops and lead process design and analysis exercises
• Build credibility and trust with business partners to unveil complexities and nuances of the business and its processes
• Participate in presentations to business partners focusing on takeaways and answering questions clearly
• Architect, develop and maintain ServiceNow (SNOW) installations and future upgrades
• Architect, develop, and transform our clients from legacy solutions to their new ServiceNow platform-based solution
• Perform engineering, design and implementation of SNOW solutions and products, including architecture reviews, vendor engagement, and evaluation, implementation, configuration, and testing of security tools,
• Demonstrate a strong understanding of CMMS and OT-specific components and challenges, data quality, including network, security, and data communication issues
• Develop and maintain client deliverable documentation, including solution design, deployment plan, implementation architecture, configuration requirements, and concept of operations (CONOPS),
• Provide engineering support of SNOW platform products used for capabilities such as hardware and software asset management, vulnerability management, reporting and dashboarding and configuration settings management,
• Engage with client stakeholders and technical/security personnel to ensure program and client requirements are met
• Collaborate effectively with the project team, other internal teams and stakeholders, and client teams and technical staff
• Communicate complex technical information clearly and concisely to various audiences in written or verbal format.

Skills and Qualifications

• Applies knowledge of SNOW architecture & design to client interface (UX) and configurations
• Responsible for database mgmt, DevOps practices,

Education and Experience

• 1-3 years Security or Biomed experience
• 5-7 years ServiceNow development experience
• ServiceNow or equivalent cert required: IT Service Management, Certified System Administrator. Certified Application Developer
• Modules Experience: CMMS, CMDB, Event Management, Service Mapping, Orchestration, Asset Management
• Custom scripting experience
• Enterprise Architecture methodologies and frameworks such as ITIL
• Knowledge of SDLC methodologies such as Waterfall, Agile, and Scrum

The Security Analyst will be responsible for assessing present cybersecurity related technical controls and recommend additions or modifications where appropriate to increase defensive posture for First Health clients. As a Security Analyst, you will play an advisory role to First Health clients in application development or acquisition projects to assess security requirements and controls and to ensure that security project tasks are implemented as planned.

Responsibilities and Duties

• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Additional Responsibilities:

• Assist in building out the GRC framework and governance model needed to develop and support the enterprise-wide risk identification, assessment, taxonomy, quantification, remediation, and reporting processes.
• Develop and maintain cybersecurity and IT risk register to track identified risks, risk decisions and related action plans.
• Develop and maintain appropriate processes, tools and metrics to efficiently manage and communicate cybersecurity and IT risk.
• Reviews risk status with senior leadership on a regular basis.
• Collaborate to define IT security standards and develop supporting organizational policies.
• Support and coordinate procedures and controls that assure compliance with all applicable regulatory and legal requirements, as well as good business practices.
• Perform security and compliance assessments on new and existing systems, processes, technology.
• Performs third-party supplier risk assessments to ensure supply chain risk is managed throughout the supplier’s lifecycle. Assesses and reports on the risks and benefits for the business as well as mandates for supplier compliance.
• Articulates results of final assessments to business stakeholders, project sponsors, program managers, and other internal parties.
• Contributes to maintenance and information gathering for inventory of relevant suppliers/vendors and related controls and risks for ongoing vendor risk management activities.
• Work with cross-functional business and clinical resources to provide guidance and support and ensure controls are adequate, appropriate, and effective.
• Functions as a liaison to support IT audit activities as needed.
• Supports workforce security activities including culture, awareness, and training.
• Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

Desired Skills:

• Requires a minimum of 3 years of experience in IT Security, Risk, Compliance, and/or Governance or related fields.
• Significant experience with legal and regulatory compliance standards and security frameworks such as NIST Cyber Security Framework (CSF), NIST 800-53, ISO 2700x, PCI-DSS, HIPAA, HITRUST, 405(d), etc.
• Ability to translate regulatory requirements into practical business considerations and recommendations
• Ability to proactively identify opportunities for continuous improvement
• Solid understanding of information security, IT networks and technology stacks
• Experience with process, risk and controls management
• Experience with security products and knowledge of IT security technologies
• Prior IT and/or cybersecurity hands-on technical experience preferred
• Experience working in the healthcare industry

Education

• Associate’s degree in computer science or related area, or equivalent work experience
• Industry-recognized certification in security strongly preferred: Security+, Network+, SSCP, HCISSP, or similar

The Senior Security Analyst will be responsible for assessing present cybersecurity related technical controls and recommend additions or modifications where appropriate to increase defensive posture for First Health clients. As a Security Analyst, you will play an advisory role to First Health clients in application development or acquisition projects to assess security requirements and controls and to ensure that security project tasks are implemented as planned.

Responsibilities and Duties

• Support multiple First Health clients in support of program/project tasks
• Present assessment findings and/or program/project updates to client stakeholders
• Mentor junior team members
• Track program/project tasks to ensure timely competition and delivery
• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned
• Additional Responsibilities:
• Assist in building out the GRC framework and governance model needed to develop and support the enterprise-wide risk identification, assessment, taxonomy, quantification, remediation, and reporting processes.
• Develop and maintain cybersecurity and IT risk register to track identified risks, risk decisions and related action plans.
• Develop and maintain appropriate processes, tools and metrics to efficiently manage and communicate cybersecurity and IT risk.
• Reviews risk status with senior leadership on a regular basis.
• Collaborate to define IT security standards and develop supporting organizational policies.
• Support and coordinate procedures and controls that assure compliance with all applicable regulatory and legal requirements, as well as good business practices.
• Perform security and compliance assessments on new and existing systems, processes, technology.
• Performs third-party supplier risk assessments to ensure supply chain risk is managed throughout the supplier’s lifecycle. Assesses and reports on the risks and benefits for the business as well as mandates for supplier compliance.
• Articulates results of final assessments to business stakeholders, project sponsors, program managers, and other internal parties.
• Contributes to maintenance and information gathering for inventory of relevant suppliers/vendors and related controls and risks for ongoing vendor risk management activities.
• Work with cross-functional business and clinical resources to provide guidance and support and ensure controls are adequate, appropriate, and effective.
• Functions as a liaison to support IT audit activities as needed.
• Supports workforce security activities including culture, awareness, and training.
• Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

Desired Skills:

• Requires a minimum of 5 years of experience in IT Security, Risk, Compliance, and/or Governance or related fields
• Significant experience with legal and regulatory compliance standards and security frameworks such as NIST Cyber Security Framework (CSF), NIST 800-53, ISO 2700x, PCI-DSS, HIPAA, HITRUST, 405(d), etc.
• Ability to translate regulatory requirements into practical business considerations and recommendations
• Ability to proactively identify opportunities for continuous improvement
• Solid understanding of information security, IT networks and technology stacks
• Experience with process, risk and controls management
• Experience with security products and knowledge of IT security technologies
• Prior IT and/or cybersecurity hands-on technical experience preferred
• Experience working in the healthcare industry

Education

• Bachelor’s degree in computer science or related area, or equivalent work experience
• Industry-recognized certification in security strongly preferred: Security+, Network+, SSCP, HCISSP, CISSP, CISM, CRISC, CISA, CTPRP, or similar

First Health’s CISO is responsible for coordination and executing client security projects. The CISO is responsible for delivering excellent client service and ensuring that project deliverables are completed on time.

Responsibilities and Duties

• Enforce First Health business strategies
• Manage delivery of First Health projects according to scope of work and contractual obligations
• Identify and mitigate risks which may impact successful delivery of projects
• Mange Consultants, Third Party Vendors, and others assigned to First Health projects and delegate tasks as needed
• Act as a point of liaison between the First Health project team and First Health leadership team
• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Mentor junior team members as needed
• Knowledge and experience with cybersecurity and compliance frameworks including NIST Cyber Security Framework (CSF), NIST 800-53, ISO 2700x, PCI-DSS, HIPAA, HITRUST, 405(d), etc.
• Knowledge of and experience with assessing and developing enterprise security programs and reporting on organizational risk management strategies and tactics
• Experience communicating with and presenting strategic security program findings and recommendations to senior management and executive leadership of highly regulated organizations
• Capable of explaining security, technology, and similar complex topics to management, leadership, and executives
• Experience in developing, creating, updating, managing, and communicating the importance of organizational policies related to information security, risk management, and similar corporate topics
• Organizational management experience including leadership, budget management, staff management, organizational chart assessment, and related leadership experience and knowledge
• Collaborate with senior leaders and departments to assess risks, coordinate mitigation efforts, establish internal controls, respond to incidents, and manage concerns.
• Ensure clients are operating to the highest security standards and adequately protected from threats
• Develop security policies to comply with security requirements as defined by client
• Provide direction for Enterprise Risk Management, Disaster Recovery, and Policies and Procedures

Desired Skills and Experience

• Requires a minimum of 8 years of experience in information security, risk management, compliance, and/or governance
• Additional experience in information technology, data governance, cloud security, or similar fields strongly preferred
• Significant experience with legal and regulatory compliance standards and security frameworks such as NIST Cyber Security Framework (CSF), NIST 800-53, ISO 2700x, PCI-DSS, HIPAA, HITRUST, 405(d), etc.
• Ability to translate regulatory requirements into practical business considerations and recommendations
• Ability to proactively identify opportunities for continuous improvement
• Solid understanding of information security, IT networks and technology stacks
• Experience with process, risk and controls management including development of security program roadmaps, project plans and driving program maturity
• Experience with security products and knowledge of IT security technologies
• Prior IT and/or cybersecurity hands-on technical experience preferred
• Experience working in the healthcare industry
• Facilitates clear and effective communication between technical and non-technical stakeholders.
• Minimum 5 years of project management experience
• Minimum 5 years security program management experience

Education

• Bachelor or Master’s Degree – Computer Science, Information Technology, Cybersecurity or similar, or equivalent work experience
• Industry-recognized certification in security strongly preferred: CISSP, CRISC, CISM, HCISSP, or similar

First Health’s Director is responsible for leading and or contributing to First Health client projects and programs. The Director is responsible for overseeing client projects/programs and delivering excellent client service as well as overseeing Managers and Consultants.

Responsibilities and Duties

• Enforce First Health business strategies
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Lead First Health client projects and programs
• Provide industry-specific expertise and guidance to clients
• Responsible for updating First Health Senior Leadership on project/program progress
• Manage the relationship and communication with the client and all stakeholders, ensuring the project is delivered to their satisfaction.
• Define project/program objectives, scope, roles & responsibilities
• Help establish measurement approach, track progress towards client priority goals
• Recommend changes to a project that is ongoing if it appears it is not proceeding on schedule or is producing unsatisfactory results
• Manage Project Managers and Consultants and enable them to supervise and manage their own teams
• Responsible for employee performance review(s) for FirstHealth direct reports
• Solve problems through helpful recommendations and practical suggestions
• Mentor junior team members as needed
• Knowledge and experience with information security and compliance frameworks including NIST CSF, 405d, PCI, HIPAA, HITECH
• Knowledge of and experience with assessing and developing enterprise security programs and reporting on organizational risk management strategies and tactics
• Experience communicating with and presenting strategic security program findings and recommendations to senior management and executive leadership of highly regulated organizations
• Capable of explaining security, technology, and similar complex topics to management, leadership, and executives
• Experience in developing, creating, updating, managing, and communicating the importance of organizational policies related to information security, risk management, and similar corporate topics
• Organizational management experience including leadership, budget management, staff management, organizational chart assessment, and related leadership experience and knowledge
• Collaborate with senior leaders and departments to assess risks, coordinate mitigation efforts, establish internal controls, respond to incidents, and manage concerns.
• Ensure clients are operating to the highest security standards and adequately protected from threats
• Develop security policies to comply with security requirements as defined by client
• Provide direction for Enterprise Risk Management, Disaster Recovery, and Policies and Procedures
• Supports security programs and operational activities to ensure timeliness and effectiveness of solutions provided to clients

Desired Skills and Experience

• Requires a minimum of 10 years of experience in information security, risk management, compliance, and/or governance
• Additional experience in information technology, data governance, cloud security, or similar fields strongly preferred
• Significant experience with legal and regulatory compliance standards and security frameworks such as NIST Cyber Security Framework (CSF), NIST 800-53, ISO 2700x, PCI-DSS, HIPAA, HITRUST, 405(d), etc.
• Ability to translate regulatory requirements into practical business considerations and recommendations
• Ability to proactively identify opportunities for continuous improvement
• Solid understanding of information security, IT networks and technology stacks
• Experience with process, risk and controls management including development of security program roadmaps, project plans and driving program maturity
• Experience with security products and knowledge of IT security technologies
• Prior IT and/or cybersecurity hands-on technical experience preferred
• Experience working in the healthcare industry
• Facilitates clear and effective communication between technical and non-technical stakeholders.
• Experience working with sales and bid teams to develop SOW and RFP proposals for clients
• Minimum 5 years of project management experience
• Minimum 5 years security program management experience

Education

• Bachelor or Master’s Degree – Computer Science, Information Technology, Cybersecurity or similar, or equivalent work experience
• Industry-recognized certification in security strongly preferred: CISSP, CRISC, CISM, HCISSP, or similar

First Health’s Security Program Manager is responsible for coordination and executing security projects. The Security Project Manager is responsible for delivering excellent client service and ensuring that project deliverables are completed on time.

Responsibilities and Duties

• Enforce First Health business strategies
• Manage delivery of First Health projects according to scope of work and contractual obligations
• Identify and mitigate risks which may impact successful delivery of projects
• Manage Consultants, Third Party Vendors, and others assigned to First Health projects and delegate tasks as needed
• Act as a point of liaison between the First Health project team and First Health leadership team
• Provide industry-specific expertise and guidance to clients
• Build and strengthen client relationships
• Brainstorm strategies for growth, positive change, and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Desired Skills

• Familiarity with security frameworks, e.g., NIST CSF, HITRUST, 405(d).
• Cross domain knowledge in either risk management, information technology, cybersecurity, or healthcare technology management.
• Ability to write technical documents for appropriate audiences.
• Strong understanding of project management methodologies. Able to customize these practices to best fit the project and client needs.
• Self-starter with minimal management oversight.

Education and Experience

• PMP, ITIL, or Six Sigma certifications preferred
• Minimum 2 years project management experience
• Working knowledge of various project management platforms, .e.g, Microsoft Project, Asana, Monday, etc.

First Health’s Senior Security Program Manager is responsible for coordination and executing security projects. The Senior Security Project Manager is responsible for delivering excellent customer service and ensuring that project deliverables are completed on time.

Responsibilities and Duties

• Enforce First Health business strategies
• Manage delivery of First Health projects according to scope of work and contractual obligations
• Identify and mitigate risks which may impact successful delivery of projects
• Manage Consultants, Third Party Vendors, and others assigned to First Health projects and delegate tasks as needed
• Act as a point of liaison between the First Health project team and First Health leadership team
• Provide industry-specific expertise and guidance to clients
• Build and strengthen client relationships
• Brainstorm strategies for growth, positive change, and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned

Desired Skills

• Familiarity with security frameworks, e.g., NIST CSF, HITRUST, 405(d).
• Cross domain knowledge in either risk management, information technology, cybersecurity, or healthcare technology management.
• Ability to write technical documents for appropriate audiences.
• Strong understanding of project management methodologies. Able to customize these practices to best fit the project and client needs.
• Self-starter with minimal management oversight.

Education and Experience

• PMP, ITIL, or Six Sigma certifications preferred
• Minimum 5 years project management experience
• Working knowledge of various project management platforms, .e.g, Microsoft Project, Asana, Monday, etc.
• Bachelor’s degree in computer science, business administration, information technology, cybersecurity, or equivalent professional experience preferred.

A Security Consultant is responsible for providing industry expertise to First Health’s clients. Consultants can perform a variety of tasks based on the individual needs of First Health’s clients; a Consultant strives to make improvements and help the client achieve success.

Responsibilities and Duties

• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Reports to First Program Manager or the assigned client contact
• Additional responsibilities and duties as assigned
• Work with leadership and clients to develop and implement standard operating procedures (SOP’s) and best practices around cybersecurity
• Plan and coordinate security operations, plans of action and milestones, and incident response activities
• Develop standard reports and related processes around breach notifications and security alerting
• Maintaining up to date knowledge relating to indicators of attacks (IOA’s), indicators of compromise (IOC’s), tactics, techniques, and procedures and methods of attack
• Provide security engineering services as required to deliver client services related to projects and managed solutions
• Develop monitoring and alerting to inform leadership and clients regarding security breaches and incidents
• Communicate best practices and process around securing organizational data and protection of infrastructure and IT services for clients
• Provide input and feedback around best practice for penetration testing process and procedure and feedback around reporting data
• Architect, design, implement, support, and evaluate security-focused tools and services
• Perform threat and vulnerability management, threat modeling, identify threat vectors and develop use cases for security monitoring.
• Translate business, regulatory, and security requirements into technical infrastructure solutions that impact the enterprise

Desired Skills 

• Minimum 3 years’ experience with security engineering products such as CrowdStrike, Tenable, Qualys, and related types of products and solutions in an enterprise setting with at least 5,000 endpoints (servers, desktops, other devices)
• General experience with Microsoft Active Directory, Exchange, 365, and related networking and TCP/IP background is also a requirement.
• Microsoft Windows 10/11, Server 2019/2022, Active Directory, Exchange, 365, and other MS products

Education and Experience 

• Bachelor of Science or Master of Science  – Computer Science, Engineering, or equivalent work experience
• Minimum 3 years of security engineering experience in an enterprise setting

A Senior Security Consultant is responsible for providing industry expertise to First Health’s clients. Senior Security Consultants can perform a variety of tasks based on the individual needs of First Health’s clients. As tenured consultants, a Senior Security Consultant helps mentor other consultants, takes on more than one client project, and can present various project/program updates to client stakeholders; a Senior Security Consultant strives to make improvements and help the client achieve success.

Responsibilities and Duties 

• Support multiple First Health clients in support of program/project tasks
• Present assessment findings and/or program/project updates to client stakeholders
• Mentor Security Consultants
• Track program/project tasks to ensure timely competition and delivery
• Provide industry-specific expertise and guidance to clients
• Brainstorm strategies for growth, positive change and improvement
• Give presentations and organize team meetings
• Solve problems through helpful recommendations and practical suggestions
• Additional responsibilities and duties as assigned
• Work with leadership and clients to develop and implement standard operating procedures (SOP’s) and best practices around cybersecurity
• Plan and coordinate security operations, plans of action and milestones, and incident response activities
• Develop standard reports and related processes around breach notifications and security alerting
• Maintaining up to date knowledge relating to indicators of attacks (IOA’s), indicators of compromise (IOC’s), tactics, techniques, and procedures and methods of attack
• Provide security engineering services as required to delivery client services related to projects and managed solutions
• Develop monitoring and alerting to inform leadership and client regarding security breaches and incidents
• Communicate best practices and process around securing organizational data and protection of infrastructure and IT services for clients
• Provide input and feedback around best practice for penetration testing process and procedure and feedback around reporting data
• Architect, design, implement, support, and evaluate security-focused tools and services
• Perform threat and vulnerability management, threat modeling, identify threat vectors and develop use cases for security monitoring.
• Translate business, regulatory, and security requirements into technical infrastructure solutions that impact the enterprise

Desired Skills

• Minimum 5+ years’ experience with security engineering products such as CrowdStrike, Tenable, Qualys, and related types of products and solutions in an enterprise setting with at least 5,000 endpoints (servers, desktops, other devices)
• General experience with Microsoft Active Directory, Exchange, 365, and related networking and TCP/IP background is also a requirement.
• Microsoft Windows 10/11, Server 2019/2022, Active Directory, Exchange, 365, and other MS products

Education and Experience

• Bachelor of Science or Master of Science – Computer Science, Engineering, or equivalent work experience
• Minimum 5+ years of security engineering experience in an enterprise setting