Information Security Engineer

Medpace is one of the leading Clinical Research Organizations companies in Healthcare. We are hiring a full-time talented Information Security Engineer to identify security threats and engineer solutions. We are an office-based company with partial WFH benefits. If you’re excited to be part of a fast-growing winning team, then Medpace is a great place to grow your career.

You will join a team that is responsible for the following:

• • Engineer security solutions without oversight and collaborate with multiple departments
  • Analyze security systems and seek improvements on a continuous basis
  • Research vulnerabilities, perform vulnerability scanning, and mitigate threats
  • Develop security best practices and policies for the organization
  • Document new processes, cross-train coworkers, and assist employees on security-related matters
  • Provide security awareness training and testing for employees to verify proper security protocols are being followed
  • Staying current with cybersecurity knowledge by participating in educational opportunities, reading professional publications, and participating in professional organizations
  • Performing cyber security incident response, and remediation activities
  • Facilitate access reviews of company data and revoke inappropriate/overprovisioned access in order to drive least privilege access

• Require at least a Bachelor’s degree preferably in Information Technology
• Require a minimum of at least 2 years of experience in implementing Information Security solutions
• Understanding of security best practices and how to implement them at a business-wide level
• Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following:
  • SIEM
  • Privileged Access Management/Identity Access Management/Multifactor Authentication
  • Endpoint Detection & Response
  • Network Access Control
  • Cloud based architecture such as Azure/AWS
  • Active Directory
• Soft skills including excellent communication skills, critical thinking skills with the ability to solve problems as they arise, and ability to prioritize projects
• Basic scripting skills, such as PowerShell/Python scripting

Nice to have:

• • Experience with vulnerability assessment tools such as Nessus and Tenable
  • Experience with enterprise web proxy solutions, web filters, and VPN
  • Experience with email security solutions
  • Experience with firewall and network architecture
  • Experience with administrating Windows environment including GPO and servers
  • Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPAA, GDPR, SOC Type 2, etc.
  • Auditing and policy-writing experience