ComPsych Corporation
About ComPsych
ComPsychⓇ is the worldwide leader in organizational mental health, well-being, and absence management, dedicated to igniting human potential in workplaces across the globe. For over 40 years, we have combined the best in technology with unmatched human expertise to help individuals and their organizations thrive. Our GuidanceResourcesⓇ and AbsenceResourcesⓇ solutions deliver end-to-end mental health, well-being, work-life, health navigation, and absence support to more than 75,000 customers worldwide,touching more than 160 million lives across 200 countries. Visit compsych.com to find out why 40% of the Fortune 500 choose ComPsych for their mental health and absence management needs. Job Summary
We are seeking a skilled and detail-oriented Infrastructure Security Engineer to design, implement, and maintain secure infrastructure systems across our enterprise environment. The ideal candidate will be responsible for safeguarding critical infrastructure, ensuring regulatory compliance (HIPAA, GDPR, etc.), and applying security best practices in line with the NIST Cybersecurity Framework. This role involves close collaboration with IT, DevOps, and compliance teams to proactively identify and mitigate risks while enabling business agility and resilience. Primary Responsibilities
Assess, design, document, and work with IT teams to implement security controls for critical applications and cloud infrastructure to meet security standards and guidelines. Monitor, analyze and respond to security events and incidents and vulnerabilities. Evaluate, integrate, and manage security tools (e.g., IDS/IPS, SIEM, firewalls, endpoint protection). Ensure compliance with regulatory standards including, but not limited to, HIPAA, GDPR, and relevant industry frameworks such as NIST CSF and ISO 27001. Conduct risk assessments, gap analyses, and audits of infrastructure environments. Develop and enforce security policies, standards, and procedures for infrastructure components. Collaborate with IT and DevOps teams to securely design and deploy new systems and services. Conduct incident response planning and execution, including root cause analysis and remediation. Keep up to date with evolving threats, vulnerabilities, and regulatory requirements. Create technical documentation, reports, and security architecture diagrams. Assist in reviewing phishing and spam queues and tune/adjust email proxy filtering rules as appropriate. Review and approve/disapprove Web Proxy Exception requests and apply rules updates as appropriate. Define rules and assist with DLP system maintenance. Assist 3rdparty vendors with annual penetration testing and coordinate efforts to mitigate identified vulnerabilities. Maintain subscriptions to vendors' security/vulnerability alerts and assess/establish and prioritize response plans based on the severity and applicability of the threat. Review and vet weekly Security scan results and coordinate with other IT teams to create remediation action plans. Other security tasks as needed. Job Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience). At least 5 years of experience in Informaiton Seucrity with focus on Infrastrcure or cloud security, or 7 years (in lieu of bachelor degree). Strong understanding of networking, firewalls, VPNs, proxies, DNS, and identity management. Proficiency with security frameworks and compliance regulations, especially: NIST CSF, HIPAA, GDPR, and others such as ISO27001, PCI DSS are a plus. Experience with cloud platforms (Azure, AWS, or GCP) and securing cloud infrastructure. Hands-on experience with SIEM, vulnerability scanners, and endpoint protection tools. Professional certifications such as CISSP, CCSP, CISM, CEH, or equivalent are highly desirable. Current knowledge of VMware, Windows Server, Windows Workstation, Linux, and Active Directory/LDAP technologies. Experience with Forcepoint Web Security & DLP products, and Next Generation Firewall & Endpoint products. Experience with SIEM products such as IBM QRadar, Nessus, Carbon Black, Delinia Secret Server, Microsoft SCCM, OpenSCAP, or similar products. Experience with security tools and technologies IDS/IPS, firewalls, endpoint protection, and web application firewall technologies. Experience configuring, maintaining, and auditing application systems security controls. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team in a fast-paced environment. Strong attention to detail and the ability to think critically and strategically. Preferred
Industry certifications such as CISM, GSEC, CompTIA Security+, or AWS/Azure security certifications. Experience with infrastructure as code (IaC) tools like Terraform or Ansible. Familiarity with DevSecOps practices. Experience conducting or supporting internal and external audits. Benefits and Perks
Full benefits package, including Paid Time Off (PTO), medical, dental, vision, 401(k) with match, robust EAP, wellness program, and much more Competitive pay with annual increases EEO ComPsych is an equal opportunity employer. All applicants will be considered for employment regardless of race, color, age, genetics, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status and any other characteristic protected by federal, state or local laws. ComPsych Corporation maintains a drug free workplace.
#J-18808-Ljbffr
ComPsychⓇ is the worldwide leader in organizational mental health, well-being, and absence management, dedicated to igniting human potential in workplaces across the globe. For over 40 years, we have combined the best in technology with unmatched human expertise to help individuals and their organizations thrive. Our GuidanceResourcesⓇ and AbsenceResourcesⓇ solutions deliver end-to-end mental health, well-being, work-life, health navigation, and absence support to more than 75,000 customers worldwide,touching more than 160 million lives across 200 countries. Visit compsych.com to find out why 40% of the Fortune 500 choose ComPsych for their mental health and absence management needs. Job Summary
We are seeking a skilled and detail-oriented Infrastructure Security Engineer to design, implement, and maintain secure infrastructure systems across our enterprise environment. The ideal candidate will be responsible for safeguarding critical infrastructure, ensuring regulatory compliance (HIPAA, GDPR, etc.), and applying security best practices in line with the NIST Cybersecurity Framework. This role involves close collaboration with IT, DevOps, and compliance teams to proactively identify and mitigate risks while enabling business agility and resilience. Primary Responsibilities
Assess, design, document, and work with IT teams to implement security controls for critical applications and cloud infrastructure to meet security standards and guidelines. Monitor, analyze and respond to security events and incidents and vulnerabilities. Evaluate, integrate, and manage security tools (e.g., IDS/IPS, SIEM, firewalls, endpoint protection). Ensure compliance with regulatory standards including, but not limited to, HIPAA, GDPR, and relevant industry frameworks such as NIST CSF and ISO 27001. Conduct risk assessments, gap analyses, and audits of infrastructure environments. Develop and enforce security policies, standards, and procedures for infrastructure components. Collaborate with IT and DevOps teams to securely design and deploy new systems and services. Conduct incident response planning and execution, including root cause analysis and remediation. Keep up to date with evolving threats, vulnerabilities, and regulatory requirements. Create technical documentation, reports, and security architecture diagrams. Assist in reviewing phishing and spam queues and tune/adjust email proxy filtering rules as appropriate. Review and approve/disapprove Web Proxy Exception requests and apply rules updates as appropriate. Define rules and assist with DLP system maintenance. Assist 3rdparty vendors with annual penetration testing and coordinate efforts to mitigate identified vulnerabilities. Maintain subscriptions to vendors' security/vulnerability alerts and assess/establish and prioritize response plans based on the severity and applicability of the threat. Review and vet weekly Security scan results and coordinate with other IT teams to create remediation action plans. Other security tasks as needed. Job Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience). At least 5 years of experience in Informaiton Seucrity with focus on Infrastrcure or cloud security, or 7 years (in lieu of bachelor degree). Strong understanding of networking, firewalls, VPNs, proxies, DNS, and identity management. Proficiency with security frameworks and compliance regulations, especially: NIST CSF, HIPAA, GDPR, and others such as ISO27001, PCI DSS are a plus. Experience with cloud platforms (Azure, AWS, or GCP) and securing cloud infrastructure. Hands-on experience with SIEM, vulnerability scanners, and endpoint protection tools. Professional certifications such as CISSP, CCSP, CISM, CEH, or equivalent are highly desirable. Current knowledge of VMware, Windows Server, Windows Workstation, Linux, and Active Directory/LDAP technologies. Experience with Forcepoint Web Security & DLP products, and Next Generation Firewall & Endpoint products. Experience with SIEM products such as IBM QRadar, Nessus, Carbon Black, Delinia Secret Server, Microsoft SCCM, OpenSCAP, or similar products. Experience with security tools and technologies IDS/IPS, firewalls, endpoint protection, and web application firewall technologies. Experience configuring, maintaining, and auditing application systems security controls. Excellent analytical, problem-solving, and communication skills. Ability to work independently and as part of a team in a fast-paced environment. Strong attention to detail and the ability to think critically and strategically. Preferred
Industry certifications such as CISM, GSEC, CompTIA Security+, or AWS/Azure security certifications. Experience with infrastructure as code (IaC) tools like Terraform or Ansible. Familiarity with DevSecOps practices. Experience conducting or supporting internal and external audits. Benefits and Perks
Full benefits package, including Paid Time Off (PTO), medical, dental, vision, 401(k) with match, robust EAP, wellness program, and much more Competitive pay with annual increases EEO ComPsych is an equal opportunity employer. All applicants will be considered for employment regardless of race, color, age, genetics, religion, gender, sexual orientation, gender identity, national origin, disability or protected veteran status and any other characteristic protected by federal, state or local laws. ComPsych Corporation maintains a drug free workplace.
#J-18808-Ljbffr