Location Details: Role is fully remote, but candidates must reside in RI, VT, CT, MA, NH, ME, NY or Florida. Must be open to traveling onsite if needed.
Duration: 6 months to start
Job Description
Our client is seeking a highly skilled and motivated Security Engineer to join our team. The ideal candidate will have hands-on experience in building and maintaining comprehensive security programs in healthcare environments, with a proven track record of identifying and mitigating risks to critical IT infrastructure. You will play a key role in safeguarding patient data and ensuring the security of this organization's growing digital ecosystem.
The Security Engineer will work closely with IT, Compliance, and Clinical teams to develop, implement, and manage security solutions that align with healthcare regulations such as HIPAA, HITECH, and other industry standards. You'll be responsible for identifying vulnerabilities, responding to incidents, and proactively strengthening the organization's security posture.
Key Responsibilities
- Security Program Development & Maintenance: Design, implement, and manage a comprehensive security program to protect sensitive healthcare data and systems in alignment with HIPAA, HITECH, and other regulatory frameworks.
- Risk Management & Incident Response: Lead risk assessments, identify vulnerabilities, and establish incident response protocols to protect against data breaches, cyberattacks, and insider threats.
- Network & Systems Security: Work with the IT department to secure network infrastructure, ensure endpoint protection, and maintain system integrity across the company's internal and external environments.
- Security Audits & Compliance: Conduct regular security audits, ensuring compliance with internal policies and external regulatory requirements, including HIPAA and PCI DSS.
- Security Awareness & Training: Develop and deliver security awareness programs to educate staff across various levels of the organization on best practices for safeguarding data and systems.
- Collaboration & Stakeholder Engagement: Partner with internal teams and external vendors to ensure that security tools and services meet the evolving needs of the organization's digital landscape.
- Vulnerability Management & Remediation: Utilize vulnerability management tools to identify and remediate weaknesses in infrastructure and applications.
- Monitoring & Incident Handling: Implement and manage security monitoring tools (SIEM, IDS/IPS), responding to alerts and resolving incidents in a timely manner.
- Emerging Threats & Solutions: Stay up-to-date with the latest cybersecurity threats, trends, and solutions to continuously enhance the organization's security posture.
Qualifications & Experience:
- Education: Bachelor's degree in Computer Science, Information Security, or related field preferred.
Certifications:
- CISSP (Certified Information Systems Security Professional) required.
- Additional certifications such as CISM, CEH, or GIAC are a plus.
Experience:
- Minimum of 5 years of experience in information security, with a focus on healthcare security environments.
- Demonstrated experience in building, maintaining, and improving security programs, with a deep understanding of regulatory compliance frameworks in healthcare (HIPAA, HITECH, etc.).
Technical Expertise:
- Proficiency in risk management, vulnerability management, and incident response.
- Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and vulnerability scanning solutions.
- Strong understanding of network security architecture and cloud security (AWS, Azure).
- Healthcare Security Knowledge: Familiarity with electronic health record (EHR) systems, medical devices, and the unique security challenges in healthcare environments.
Soft Skills:
- Strong communication and collaboration skills.
- Ability to work cross-functionally and communicate technical concepts to non-technical stakeholders.