Healthcare Security Engineer

Description

Make a significant impact on healthcare security as our Security Engineer!

Reporting to the Healthcare IT Services Manager, you'll play a pivotal role in strengthening the security posture of our expanding client base. You’ll collaborate with key stakeholders to monitor and respond to security alerts, triage events and incidents, address security concerns, and optimize existing security solutions and workflows. Additionally, you'll regularly interface directly with employees or users, work with IT to enhance and enforce security policies and ensure the secure implementation of new technologies. As the point of contact for security operations, including incident response and vulnerability management, you'll provide leadership with insightful reports and regular security metrics. Stay ahead of cybersecurity and healthcare industry trends to apply cutting-edge knowledge to our workflows.

Responsibilities

• Lead Incident Response: Take charge of incident response efforts; swiftly receive, analyze, and resolve security alerts, conducting thorough root cause analyses of potential compromises, misconfigurations, phishing attempts, and other security events.
• Investigate and Contain Threats: Dive deep into Indicators of Compromise (IOCs) and execute effective containment measures—such as blocking malicious entities and isolating threats—to protect organizational integrity.
• Strengthen Client Security: Advise on and drive initiatives to reduce and harden attack surfaces across diverse client environments; a pivotal role in safeguarding critical assets.
• Promote Security Awareness: Advise on and champion best practices for Security Awareness Training, fostering a culture of security mindfulness throughout the organization.
• Manage Advanced Security Systems: Implement, maintain, and optimize cutting-edge security systems, ensuring comprehensive coverage and adherence to security baselines across all networks and devices.
• Automate Security Processes: Innovate by designing and implementing automation solutions to enhance response efforts, increasing efficiency and proactiveness. 
• Collaborate on Vendor Security: Work closely with vendors to verify their security posture and, as needed, provide insight of our security program or manage vendor requirements.
• Analyze Security Trends: Provide strategic insights by analyzing and reporting on organizational and system security posture trends, influencing future security strategies.
• Stay Ahead of Industry Developments: Engage in continuous learning and research to remain at the forefront of security and healthcare industry trends, applying the latest knowledge to enhance security measures.
• Adapt to Evolving Needs: Embrace additional duties as assigned, demonstrating flexibility and commitment to meeting the organization's evolving business needs.
• Performs additional duties as assigned 

Requirements

• Education and Certifications:
  • Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent demonstrated experience and knowledge.
  • Possession of, or ability to obtain within 6 months, a relevant security certification such as CISM, OSCP, CISA, GSEC, or Security+.
• Experience:
  • 4+ years of combined IT experience, with at least 2 years in a dedicated security role (e.g., Security Analyst, Security Engineer, SOC Analyst, Ethical Hacker).
  • Experience with HIPAA compliance and securing healthcare environments; familiarity with PCI DSS and NIST Special Publications is highly desirable.
  • Proficiency in any scripting or programming language (preferably PowerShell).
• Technical Skills:
  • Strong understanding of technology & security principles, techniques, and protocols.
  • Experience with security systems such as firewalls, intrusion detection systems, antivirus software, authentication systems, and log management.
  • Advanced proficiency with incident response processes, alert triaging and prioritization, and threat containment measures.
• Organizational Skills:
  • Ability to empathetically communicate during high-stress situations
  • Strong proficiency in clearly communicating technical info to diverse audiences.
  • Ability to marshal resources effectively to accomplish goals.
  • Proficient in orchestrating multiple activities simultaneously.
  • Excellent documentation skills to enhance future workflows.

Why Join Us?

• Impactful Work: Play a crucial role in protecting our clients' critical assets and shaping our security posture.
• Professional Growth: Access to continuous learning opportunities and the latest industry insights.
• Collaborative Environment: Work with a team of dedicated professionals in a supportive and innovative setting.
• Cutting-Edge Technology: Engage with the latest security technologies and automation tools.

Physical Demands

The physical demands described here are representative of those that an employee must meet to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform these functions.

While performing the duties of this job, the employee uses his/her hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; stop, kneel, or crouch. The employee must be able to lift up to 50 pounds regularly. The employee uses computer and telephone equipment. The employee must be able to sit for long periods of time.