IT Security Engineer
Lirio applies the psychology of human behavior and the power of advanced machine learning to help healthcare and energy enterprises drive individuals toward positive behavior change at scale. Lirio delivers mass personalization by harnessing behavioral intelligence to surface the right message to the right person to drive the right action at the right time.
The IT Security Engineer will play a critical role in ensuring information security tools and technologies are utilized properly and act as the main liaison between the third-party IT vendor and Lirio. This position is located in Knoxville, TN and reports to the Director of Information Security. The IT Security Engineer will help build the department, help decide on what tools are best for Lirio, and ensure correct setup/implementation.
- Setup, monitor, and respond to alerts from AWS, Azure, O365, and other critical applications.
- Perform security reviews of requested software and vendors, ensuring they are meeting Lirio security requirements.
- Ensure legal documents for each vendor/software are in place (NDA, BAA).
- Work to implement controls for HITRUST and SOC compliance.
- Plan, organize, control, and evaluate IT and electronic data operations.
- Act in alignment with user needs and system functionality to contribute to organizational policy.
- Identify problematic areas and implement strategic solutions in time.
- Audit systems and assess their outcomes.
- Proactively contribute, offer recommendations, and identify risks and solutions associated with proposed or existing software application strategies.
- Train/instruct users in proper use and security of all systems. Troubleshoot/repair/resolve technical problems/issues related to computer hardware/software/LAN and WAN/internet
- Respond to program error messages. Provide network communications support and technical guidance.
- Liaison with a third-party IT company to ensure company needs and requirements are met.
- 5+ years of IT Security experience.
- Experience with security governance, risk, and compliance management experience a plus.
- Hands-on experience with tools such as Office 365, Azure, AWS, Google, Symantec, Splunk, Palo Alto Firewalls, Barracuda, Mimecast, Tripwire, etc.
- Experience with incident responses and vulnerability scanning, remediation process is a plus.
- Networking or application experience is a must.
- Proven experience with training very technical and non-technical staff.