Security Engineer, File Integrity Monitoring (REMOTE EST)
Insight Global
A large healthcare company is seeking an experienced File Integrity Monitoring (FIM) Security Engineer to join its enterprise security team. The client is over $370Bn in revenue and operates over 9,000 locations. They are dedicated to putting people first from their customers to their employees, engaging with customer feedback to further innovate to provide the best care possible, simplifying processes for care, creating a trusting environment, and to creating the safest and highest quality of care to keep patients protected. The client is dedicated to giving back to those around them. They have stared a Foundation to provide financial support to the communities to help with areas such as maternal health, mental health, scholarships, free health services/screenings, etc. This role is remote but EST time zone 8AM-5pm EST.
The File Integrity Monitoring (FIM) Security Engineer will support the program to monitor critical files for unauthorized changes and ensure the integrity of sensitive data across the organization's infrastructure. The role requires expertise in File Integrity Monitoring tools, threat detection, and compliance frameworks, with a focus on mitigating risks related to unauthorized access, data corruption, and system breaches. For PCI compliance the client needs to monitor all file systems that have PCI data and monitor any changes and provide evidence (timestamp of change, change order approving such change etc) in order to satisfy audits. If there are adverse findings and no evidence uploaded they must track down the owner to remedy.
Key Responsibilities:
1. FIM Implementation and Management:
-Support FIM program initiatives, projects, ad-hoc efforts, and BAU activities.
-Provide FIM operational support & documentation (e.g., strategies, roadmaps, proposals, control procedures & standards, security frameworks, flow charts, etc.).
-Deploy, configure, and maintain file integrity monitoring tools.
-Define, manage and enforce FIM policies and rules to detect unauthorized or suspicious changes to files and directories to ensure the integrity of critical files and systems.
-Establish baselines and regular reviews of critical file paths, configurations, normal file states and monitor for unauthorized or suspicious changes.
-Support regular audits and reviews of FIM processes to identify and address gaps.
-Ensure comprehensive coverage for critical systems, including servers, applications, databases, and endpoints.
-Assess and refine FIM policies to minimize false positives and ensure optimal alerting.
-Stay updated on evolving FIM technologies and best practices.
-Automate and streamline FIM processes to improve efficiency and scalability.
-Establish manual FIM processes where automation is not technically feasible.
-Stay updated on emerging threats, tools, and regulatory requirements to enhance the FIM program.
2. Incident Detection and Response
-Investigate FIM alerts to determine root cause and assess impact.
-Coordinate with incident response teams to contain and remediate security incidents involving file integrity violations.
-Develop and maintain playbooks for handling FIM-related incidents.
-Ensure proper logging, alerting, and reporting mechanisms are in place for timely detection and response.
-Contribute to forensic investigations by providing detailed logs and evidence from FIM systems.
3. Collaboration and Cross-Functional Support
-Partner with IT, DevOps, and business units to integrate FIM practices across the organization on applicable applications and systems.
-Work closely with compliance, audit, and risk management teams to meet regulatory and policy requirements (e.g., PCI DSS, HIPAA, SOX).
-Provide executive-level reporting on FIM metrics, trends, and risk mitigation efforts.
4. Continuous Improvement and Innovation
-Drive the adoption of automation and machine learning capabilities within the FIM program to enhance detection and reduce manual effort.
-Work closely with security, IT, and development teams to integrate FIM into DevSecOps workflows.
-Identify opportunities for process improvements and implement best practices in FIM operations.
-Promote a culture of security awareness and accountability related to file integrity.
Compensation:
$50/hr to $55/hr.
Exact compensation may vary based on several factors, including location, skills, experience, and education.
Employees in this role will enjoy a comprehensive benefits package starting on day one of employment, including options for medical, dental, and vision insurance. Eligibility to enroll in the 401(k) retirement plan begins after 90 days of employment. Additionally, employees in this role will have access to paid sick leave and other paid time off benefits as required under the applicable law of the worksite location.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
The File Integrity Monitoring (FIM) Security Engineer will support the program to monitor critical files for unauthorized changes and ensure the integrity of sensitive data across the organization's infrastructure. The role requires expertise in File Integrity Monitoring tools, threat detection, and compliance frameworks, with a focus on mitigating risks related to unauthorized access, data corruption, and system breaches. For PCI compliance the client needs to monitor all file systems that have PCI data and monitor any changes and provide evidence (timestamp of change, change order approving such change etc) in order to satisfy audits. If there are adverse findings and no evidence uploaded they must track down the owner to remedy.
Key Responsibilities:
1. FIM Implementation and Management:
-Support FIM program initiatives, projects, ad-hoc efforts, and BAU activities.
-Provide FIM operational support & documentation (e.g., strategies, roadmaps, proposals, control procedures & standards, security frameworks, flow charts, etc.).
-Deploy, configure, and maintain file integrity monitoring tools.
-Define, manage and enforce FIM policies and rules to detect unauthorized or suspicious changes to files and directories to ensure the integrity of critical files and systems.
-Establish baselines and regular reviews of critical file paths, configurations, normal file states and monitor for unauthorized or suspicious changes.
-Support regular audits and reviews of FIM processes to identify and address gaps.
-Ensure comprehensive coverage for critical systems, including servers, applications, databases, and endpoints.
-Assess and refine FIM policies to minimize false positives and ensure optimal alerting.
-Stay updated on evolving FIM technologies and best practices.
-Automate and streamline FIM processes to improve efficiency and scalability.
-Establish manual FIM processes where automation is not technically feasible.
-Stay updated on emerging threats, tools, and regulatory requirements to enhance the FIM program.
2. Incident Detection and Response
-Investigate FIM alerts to determine root cause and assess impact.
-Coordinate with incident response teams to contain and remediate security incidents involving file integrity violations.
-Develop and maintain playbooks for handling FIM-related incidents.
-Ensure proper logging, alerting, and reporting mechanisms are in place for timely detection and response.
-Contribute to forensic investigations by providing detailed logs and evidence from FIM systems.
3. Collaboration and Cross-Functional Support
-Partner with IT, DevOps, and business units to integrate FIM practices across the organization on applicable applications and systems.
-Work closely with compliance, audit, and risk management teams to meet regulatory and policy requirements (e.g., PCI DSS, HIPAA, SOX).
-Provide executive-level reporting on FIM metrics, trends, and risk mitigation efforts.
4. Continuous Improvement and Innovation
-Drive the adoption of automation and machine learning capabilities within the FIM program to enhance detection and reduce manual effort.
-Work closely with security, IT, and development teams to integrate FIM into DevSecOps workflows.
-Identify opportunities for process improvements and implement best practices in FIM operations.
-Promote a culture of security awareness and accountability related to file integrity.
Compensation:
$50/hr to $55/hr.
Exact compensation may vary based on several factors, including location, skills, experience, and education.
Employees in this role will enjoy a comprehensive benefits package starting on day one of employment, including options for medical, dental, and vision insurance. Eligibility to enroll in the 401(k) retirement plan begins after 90 days of employment. Additionally, employees in this role will have access to paid sick leave and other paid time off benefits as required under the applicable law of the worksite location.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Confirmar seu email: Enviar Email
Todos os Empregos de Insight Global