About Us:

At Stericycle, we deliver solutions and drive innovations that protect the environment, people, and public health. This includes working to create a more sustainable, shared future. Our innovative solutions make a difference in people's lives, communities, and our planet by protecting their health and well-being. Change your career. Change your world. Join Stericycle and help protect health and well-being in a safe, responsible, and sustainable way.

Position Purpose:

The Cybersecurity Engineering Sr is accountable for platform/product management. This position is responsible for deployment and support of technologies in the cybersecurity practice. The role facilitates the functional, and technical requirements for the product suite, and directs/governs the application of the technology used. This hands on role is accountable for designing, developing and ultimately deploying new cybersecurity technologies within Stericycle's Cybersecurity program.

Key Job Activities:

• Handle day-to-day implementation, monitoring and operational support of hardware, software, and managed solutions and service provider relationships.
• Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
• Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
• Implement solutions observing compliance and Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), etc. and privacy laws.
• Queue Management for cybersecurity tickets (i.e. Phishing email analysis, EDR alerts, etc.)
• Respond to and handle service and escalation tickets within SLA expectations.
• Management Penetration Testing and Vulnerability scanning and report.
• Participate regularly in change project and change management meetings.
• Research, validate and deploy solutions meeting security and business needs.
• Follow security engineering fundamentals and processes as outlined in NIST 800-160
• Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
• Perform other duties and responsibilities, as assigned.

Education:

Experience (North America):

• Bachelors or equivalent
• 5 -7 years of experience in information technology and cybersecurity, including compliance and risk management with a system and network security engineering background
• Solid technical and analytical expertise, with a proven deep background (preferred 5+ years IT experience in addition to cybersecurity) in technology design, implementation and delivery.
• Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
• Knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
• Skilled in meeting vulnerability and penetration testing requirements
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
• CISSP, Security+, GISE, SysaPlus -any and all are preferred

Certifications and/or Licenses:

Benefits:

Stericycle currently offers its employees the option to participate in a full range of benefits, including a health care program which includes medical, dental, vision and prescription coverage, healthcare and dependent care flexible spending accounts, life and accidental death and dismemberment insurance, an employee assistance program, tuition reimbursement, paid vacation and sick time, a 401(k) plan, and an employee stock purchase plan. Participation in some programs requires that employees be regularly scheduled to work a minimum number of hours and/or to have fulfilled a waiting period after they begin employment with Stericycle.

Disclaimer:

The above description is meant to provide a summary of the nature and level of work being performed; it should not be construed as an exhaustive list of all responsibilities, duties and requirements of the job or person. This document does not create an employment contract, implied or otherwise. Stericycle will consider requests for workplace accommodations for protected physical or mental limitations in accordance with its human resources policies and local laws.To the extent permissible under local law, and consistent with business necessity, Stericycle reserves the right to modify the content formally or informally, either verbally or in writing, at any time with or without advance notice.