Apply on Employer Site

Acadia Healthcare · 22 hours ago

Senior Security Engineer, Detection and Response

US-TN-Franklin

Full-time

Hybrid

Senior Level

5+ years exp

Acadia Healthcare is dedicated to leading care with light and setting standards in mental health and addiction treatment. The Senior Security Engineer - Detection and Response is responsible for safeguarding IT infrastructure and sensitive patient data, ensuring compliance with cybersecurity standards, and addressing security incidents effectively.

Mental Health Care

H1B Sponsor Likely

Responsibilities

Implement and manage security tools

Continuously monitor for malicious activities and vulnerabilities

Develop comprehensive threat detection and alerting procedures

Lead and coordinate incident response, collaborating with IT and compliance teams

Tailor incident response plans for healthcare settings

Investigate and assess security incidents, with forensic analysis

Develop containment and remediation strategies for risk mitigation

Maintain and optimize security tools and systems

Ensure compliance with healthcare regulations and standards

Assist in external compliance audits

Collaborate with MSSP for security tools and configurations

Define SLAs and KPIs to align with security objectives

Share threat intelligence with MSSP for unified threat response

Coordinate incidents and create incident response playbooks with MSSP's expertise

Enhance security through scripting and automation

Develop custom security solutions

Automate incident response with scripting

Stay current with scripting languages and automation frameworks

Define operational metrics and KPIs

Establish quantifiable performance indicators

Regularly review and refine operational metrics

Develop and monitor service level objectives (SLOs) to ensure operational excellence

Performs other tasks as assigned

Complies with organizational policies, procedures, performance improvement initiatives and maintains organizational and industry policies regarding confidentiality

Communicate clearly and effectively to person(s) receiving services and their family members, guests and other members of the health care team

Develops constructive and cooperative working relationships with others and maintains them over time

Encourages and builds mutual trust, respect and cooperation among team members

Qualification

Cybersecurity principlesHealthcare securityIncident responseCompliance knowledgeSecurity tools managementThreat detectionScriptingAutomationCommunication skillsMultitaskingEnglish proficiencyProblem-solvingSelf-motivationAttention to detailOrganizational skills

Required

A bachelor's degree or equivalent work experience

Minimum of 5 years of cybersecurity experience, with a preference for at least 4 years in detection and response

Strong knowledge of cybersecurity principles, technologies, and best practices

Proven experience in healthcare security and knowledge of industry regulations, such as HIPAA and HITECH

Excellent communication and collaboration skills to work with diverse teams and vendors

Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard (PCI)

Proficiency in common information security management frameworks, such as ITIL, Center for Internet Security (CIS) Critical Security Controls (CSC), and NIST, including 800-53 and MITRE ATT&CK Framework

Strong problem-solving and analytical abilities

Candidates must be capable of effectively evaluating and implementing technical alternatives, staying up to date with emerging technologies, risk assessment methodologies, and incident response

Self-motivated with strong organizational skills and exceptional attention to detail

Ability to manage multiple tasks/projects simultaneously within strict time frames and adapt to frequent priority changes

Capability to work within established policies, procedures, and practices set by the organization

Proficient in English to provide and receive instructions and directions effectively

Preferred

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

CompTIA Security + or Network +

GIAC Certified Incident Handler Certification (GCIH)

GIAC Certified Intrusion Analyst Certification (GCIA)

Certified Cloud Security Professional (CCSP)

Certified Intrusion Analyst (GCIA)

Certified Information Security Incident Handler (CIHI)

Certified Incident Handler (EC-Council ECIH)

Certified Ethical Hacker (CEH)

other similar credentials

Benefits

Comprehensive Medical, Dental, and Vision Insurance

401(k) Plan with Company Match

Paid Time Off (PTO) and recognized holidays

Company-paid Basic Life and AD&D Insurance

Employee Assistance Program (EAP) and mental wellness resources

Opportunities for professional growth and advancement within Acadia’s nationwide network

Company

Acadia Healthcare

Glassdoor3.1

Headquartered in Franklin, Tennessee, Acadia Healthcare was established in January 2005 to develop and operate a network of behavioral health facilities across the country.

Founded in 2005

Franklin, Tennessee, US

10001+ employees

https://www.acadiahealthcare.com

H1B Sponsorship

Acadia Healthcare has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (1)