Network and Security Engineer - Healthcare IT (ACRN) - Harare or Johannesburg

Location: Harare or Johannesburg South Africa - On site at one of these locations 

Hours: Full Time 

Reports to: Chief Technology Officer – Africa Clinical Research Network

Our Mission:  

The African Clinical Research Network (ACRN) is an African-led and African-driven clinical research organisation. Our work not only promotes and supports a vibrant life sciences ecosystem but also profoundly impacts Africa's health and economic development. By facilitating sustainable, innovative, collaborative, and community-oriented research, ACRN is poised to transform healthcare and improve lives across Africa, inspiring a new era of clinical research.  

We provide high-quality data, harmonise regulatory processes to improve timelines, support capacity building within the existing ethics and regulatory systems, and enhance community trust and research participation. These are some of the first key steps to making Africa more competitive in the global life sciences industry, a goal we are proud to contribute to.  

The ACRN drives clinical research excellence by connecting researchers to opportunities, enhancing research capacity in existing facilities, implementing high-quality trials and research, and leveraging a robust digital infrastructure.    

We are committed to fostering the community's understanding of research. Through our community engagement network, we significantly increase stakeholder buy-in of clinical results, thereby enhancing the transparency and credibility of our research.

Job Summary:

We are seeking a Network and Security Engineer with expertise in healthcare IT security, HL7 data exchange, and compliance with healthcare regulations. This role is responsible for designing, implementing, and securing network infrastructure in a healthcare environment, ensuring the confidentiality, integrity, and availability of Health Information Systems (HIS) while supporting interoperability standards such as HL7, FHIR, and DICOM.

The ideal candidate will have strong experience in network security, healthcare data standards, and regulatory compliance (HIPAA, HITECH, POPIA, GDPR) and will play a key role in securing electronic health records (EHRs) and clinical data exchanges both on premise and across multiple clouds.

Key Responsibilities:

Healthcare Network & Infrastructure Security

Design, implement, and maintain secure network architectures for healthcare IT environments, including hospitals, clinics, IoT and telemedicine platforms.

Manage and secure HL7 interfaces, FHIR APIs, and data interoperability between healthcare systems (EHRs, PACS, LIS, HIS, RIS, etc.).

Configure, maintain, and optimize firewalls, VPNs, IDS/IPS, NAC, Cloud Security and secure VLAN segmentation to ensure network security.

Design and manage the organization SD-Wan and its policies

Implement a ZERO Trust environment

Establish secure data channels allowing for health data sharing and interoperability

Creating secure trusts between ACRN and its partner sites.

Troubleshoot network connectivity and integration issues related to HL7 data exchange and interoperability.

Data Security & Compliance

Implement encryption, access control, and data loss prevention (DLP) strategies to protect HIS/EHR and sensitive patient records.

Ensure compliance with healthcare data protection regulations (HIPAA, HITECH, POPIA, GDPR, GCP, GLP, ISO 27001).

Conduct risk assessments, vulnerability scans, and penetration testing to identify security gaps and implement remediation strategies.

Develop and enforce security policies and procedures for healthcare IT infrastructure.

Threat Management & Incident Response

Monitor SIEM (Security Information & Event Management) solutions for suspicious activity and potential security incidents.

Respond to cyber threats, malware, ransomware, and phishing attacks, and implement mitigation strategies.

Lead incident response and forensic investigations for security breaches affecting healthcare data.

Develop disaster recovery (DR) and business continuity (BC) plans to ensure minimal downtime in case of security incidents.

Manage Microsoft 365 environment security for all tools in the stack including Intune policies MDM, and Active directory online.

Interoperability & Health Data Exchange Security

Secure healthcare messaging protocols (HL7 v2.x, HL7 v3, FHIR, DICOM, X12, CDA, IHE).

Collaborate with EHR vendors, medical device manufacturers, and health information exchanges (HIEs) to ensure secure data exchange.

Monitor API security for FHIR-based applications and healthcare integrations.

Collaboration & Continuous Improvement

Work closely with healthcare IT teams, compliance officers, and clinicians to ensure secure and efficient IT operations.

Stay updated on emerging threats in healthcare cybersecurity, including medical device security, IoT threats, and cloud-based risks.

Provide security awareness training for healthcare staff to prevent insider threats and human error-based breaches.

Qualifications & Experience:

Bachelor’s degree in Computer Science, Cybersecurity, Healthcare Informatics, or a related field.

5+ years of experience in network security and IT infrastructure, preferably in a healthcare environment.

Strong knowledge of healthcare standards and data security (HL7, FHIR, DICOM, HIPAA, HITECH, ISO 27001, POPIA).

Hands-on experience with firewalls, VPNs, IDS/IPS, SIEM, and endpoint security solutions.

Proficiency in Cisco, Palo Alto, Fortinet, Juniper networking and security devices.

Experience securing EHRs, health information exchanges (HIEs), and cloud-based health platforms (AWS, Azure, Google Cloud for Healthcare).

Strong understanding of medical device security, IoT security, and cloud security best practices.

Knowledge of scripting and automation (Python, PowerShell, Bash) is an advantage.

Certifications (Preferred):

CCNA Security / CCNP Security

Certified Information Systems Security Professional (CISSP)

Certified Ethical Hacker (CEH)

HealthCare Information Security and Privacy Practitioner (HCISPP)

CompTIA Security+

Certified HL7 Specialist (optional, but a plus)

Key Competencies:

Strong problem-solving and analytical skills in network security and healthcare IT environments.

Excellent communication skills to work effectively with technical and non-technical stakeholders.

Ability to work under pressure in fast-paced healthcare environments with high data sensitivity.

Work Environment: 

This position can be based in Zimbabwe or South Africa, with occasional travel to other office locations as necessary. The role may require flexible working hours to support remote teams and ensure systems are running smoothly across time zones. 

Please apply online providing a covering letter specifically highlighting how your existing skills and experiences support fulfilling the responsibilities of this role.