The American College of Radiology – Reston, VA
Founded in 1923, the American College of Radiology® is at the forefront of radiology evolution, representing nearly 40,000 radiologists, radiation oncologists, nuclear medicine physicians and medical physicists.
We are seeking energetic and innovative individuals to further reinforce our core purpose of serving patients and society by empowering members to advance the practice, science and professions of radiological care.
If you share our core values of: Leadership • Integrity • Quality • Innovation, we want you on our team!
The American College of Radiology (ACR) has two openings for a Junior Information Security Engineer. The Engineers will be members of the IT Security team, working with other SOC members to strengthen the security posture of the ACR. Responsibilities include designing and maintaining security solutions, matching solutions to organization and client requirements, and ensuring security strategy and roadmaps are aligned with company objectives and client requirements. Service to our customers is our utmost priority; the Security Engineers must be able to work flexible hours when needed and be possible to contact 24/7.
Primary areas of accountability:
Research new threats and attack vectors and work with fellow SOC\NOC engineers to implement countermeasures and update administrative and technical controls to adjust the security posture
Conduct configuration and system audits for adherence to best practices and compliance to security standards
Work with security lead to determine and develop architectural approaches and solutions by conducting business reviews, documenting current systems, and developing recommendations at the capability level
Assist in design and implementation of resilient Information Security infrastructures including:
Threat and Vulnerability Management – ensure complete, secure and reliable log collection and review via Tripwire Log Center
Cyber security and incident management
Endpoint protection o Encryption and Certificate management
Security Analytics and Intelligence
Review and Analyze Security Logs for anomalies and take corrective\preventative actions.
Keep abreast of technology advances and issues across all enterprise domains. Research, test and recommend tools and practices for potential implementation
Qualified candidates will possess the following:
1+ years of relevant enterprise support experience in core security domains: Governance Risk and Compliance, Application and Data security; Infrastructure and Endpoint Security; Cyber Security Intelligence /SIEM and Security Surveillance is highly desired; 3+ years of related IT work experience is highly desired.
Technical background in supporting infrastructure capabilities: networking, firewalls, IDS/IPS, server hardware and operating systems, and end-user access devices (PC’s, tablets, etc.)
Bachelor’s degree preferred. One or more of following certifications are preferred (Ethical Hacker, Offensive Security Certified Professional, CISSP, CISA, CISM)
Experience with regulatory compliance issues such as HIPAA, FISMA, SOX and PCI
Preferred Security experience with the following application/systems: Tripwire Log Center, Tripwire Enterprise, Anti-Virus products, firewalls, and IDS\IPS.
ACR offers a rewarding employee experience: innovative culture, professional growth potential, competitive compensation and an exceptional benefits package, including a defined contribution pension plan, 403(b); generous paid time off package; insurance plans with the leading providers; flexible spending; tuition reimbursement; training opportunities; and wellness reimbursement.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.