Fallon Technology Jobs

Job Information

Fallon Health Information Security Engineer / Architect - Growing Health Org. - Poss. Remote! in Worcester, Massachusetts


About Fallon Health

Founded in 1977, Fallon Health is a leading health care services organization that supports the diverse and changing needs of those we serve. In addition to offering innovative health insurance solutions and a variety of Medicaid and Medicare products, we excel in creating unique health care programs and services that provide coordinated, integrated care for seniors and individuals with complex health needs. Fallon has consistently ranked among the nation’s top health plans, and is accredited by the National Committee for Quality Assurance for its HMO, Medicare Advantage and Medicaid products. For more information, visit fallonhealth.org.

Brief Summary of Purpose:

The Information Security Engineer works under the guidance and direction of the Director, Information Technology Security and Risk. The role is focused on proactive vulnerability assessment, threat detection, forensic investigation, and application security, and will participate in systems architecture, development, and deployment with a focus on security best practices. This position will be responsible for cyber security incident response, network monitoring and protection, understanding network exploitation techniques, and providing a strategy to mitigate risk while maintaining intrusion containment.


Primary Job Responsibilities

  • Provide information security subject matter expertise to developers, engineers, and business customers on risk assessments, vulnerability remediation, and threat detection techniques

  • Implement standards that meet existing and newly developed policy and regulatory requirements.

  • Perform regular and ad-hoc application security reviews, threat modeling, and vulnerability analysis

  • Perform information security assessments of information technology assets based on the NIST framework

  • Prepare technical reports based on findings and recommendations

  • Assist IT resources with analysis and interpretation of information system vulnerabilities identified.

  • Maintain the inventory and software baseline of servers used to scan non-enterprise information systems and applications.

  • Support the security posture of the organization through analysis of vulnerabilities of systems that host critical information, such as common web applications and databases (e.g., Internet Information Server, Apache Web Server, SQL Database Server, and Oracle Database Server). This area may also include evaluating underlying vulnerabilities within Unix-like operating systems.

  • Enforce, maintain, and clarify the policies and procedures of the company.



  • Bachelor's degree in Information Technology field (dependent upon experience)


  • CISSP, GCIA or CISA preferred


  • 7-10 years IT security or information security experience with a proven ability to engage with Senior Management and regulators.

  • Working knowledge of and experience with NIST CSF, NIST SP 800-53, HIPAA, and PCI DSS

  • Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.

  • Experience with IPS/IDS and SIEM technologies.

  • Experience with information security incident handling, incident response, and reporting practices

  • Team player with excellent consultative, communication, writing and project management skills

  • Ability to prioritize and complete assigned tasks within defined timeframes

  • Demonstrated ability to develop, test, and implement remediation plans

  • Strong knowledge of current security threats, techniques, and landscape

  • Exceptional analytical, critical thinking and decision-making skills

  • Demonstrated sound judgment and integrity

  • Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.

  • Working knowledge of information security risk remediation.

  • Must be highly skilled and proficient in problem solving, with an aptitude and willingness to learn new technologies.

  • Strong technical background in networking and malware analysis.

  • This position requires predictable attendance to meet workload demands.

Fallon Health provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.


Location US-MA-Worcester

Posted Date 2 months ago (3/15/2021 4:28 PM)

Job ID 6272

# Positions 1

Category Information Technology