Information Security Engineer

Rally Health, Inc. helps people take an active role in their health care. We use clinical data, customized recommendations, and continual rewards to help consumers make positive lifestyle choices and navigate every touchpoint of the health care continuum. With offices in Washington, D.C., San Francisco, and Chicago, Rally Health features an executive team that has been working to transform the industry since 2010.

Rally Health is looking for an Information Security Engineer to join our IT team. This type of role is a unique personality set that likes to thrive on dealing with vulnerabilities and preventing intrusions. In the situation that an event does take place, this person would help detail the scope and impact and help drive the remediation. This individual will be responsible for the incident response process as it pertains to our security of our products both internally and externally. They will be working proactively to ensure safety across our organization, and partner with the appropriate teams for the handling of any security incidents. We'll also expect this individual to perform vulnerability testing across our products

**Incident Response** * Respond to computer security incidents according to the Computer Security Incident Response Policy (CSIRP) * Provide guidance to first responders for handling information security incidents * Coordinate efforts among multiple business units during response. * Provide timely and relevant updates to appropriate stakeholders and decision makers * Provide investigation findings to relevant business units to help improve information security posture * Validate and maintain incident response plan and processes to address potential threats * Compile and analyze data for management reporting and metrics **Threat Management** * Monitor information security related Web sites (US-CERT, SANS Internet Storm Center, etc.) and mailing lists (DHS Infrastructure, BugTraq, etc.) to stay up to date on current attacks and trends * Analyze potential impact of new threats and exploits and communicate risks to relevant business units

* Three or more years of technical experience in the information security field, preferably in this particular industry * Three or more years of practical experience in an incident response role * Advanced knowledge of information systems security concepts and technologies; network architecture; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and computer forensic tools such as EnCaseR and open source alternatives * Familiarity with security regulatory requirements and standards (such as NIST 800 series, ISO 2700x series, GLBA, FFIEC) * Advanced knowledge and experience with the Apple and Linux operating systems * Working knowledge of and experience in investigating malicious code * Demonstrated ability to apply technical and analytical skills in a security environment * Ability to work extremely well under pressure while maintaining a professional image and approach * Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause * Strong analytical writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports * Team player with proven ability to work effectively with other business units, IT management and staff, vendors, and consultants * Strong communication skills such as planning and leading effective meetings, conducting structured interviews to collect information, interpersonal and negotiation skills, and presenting to a variety of audiences * Advanced skills to present information to stakeholders and/or decision makers in an effective and professional deliverable **Education/Certifications** * Bachelor’s degree in management information systems, computer science, or related discipline is required * Postgraduate degrees and certificate programs in relevant areas that demonstrate analytical writing will also be considered * CISSP, SANS GCIH or GCFA, CISA, CISM, EnCER certification(s) and preferred but not required