Be an early applicantLess than 25 applicants

Company

Currance · 20 hours ago

IT Security Engineer

United States

Full-time

Remote

Senior Level, Lead/Staff

$115K/yr - $140K/yr

10+ years exp

Maximize your interview chances

Health CareHospital

Insider Connection @Currance

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Identify and resolve vulnerabilities across on-premises and cloud-based networks, applications, and systems, with a focus on Azure Security Center

Monitor both on-premises and cloud-based networks and systems for security threats or breaches using Barracuda, Azure Sentinel, and other cloud security tools

Respond to cloud and on-premises security incidents by investigating alerts, identifying breaches, and taking immediate action to contain and mitigate potential damages

Implement risk mitigation strategies tailored for hybrid and multi-cloud environments to reduce the impact of potential breaches

Perform root cause analysis for incidents in both on-premises and cloud environments, refining security protocols and controls based on lessons learned

Conduct regular security audits and vulnerability assessments in cloud environments to assess risks and strengthen cloud defense mechanisms

Implement and maintain a vulnerability management program that includes timely patches and updates for both cloud and on-premises systems

Develop and maintain cloud-focused disaster recovery plans that ensure continuity of critical healthcare services in the event of a cyberattack

Test and validate the effectiveness of security elements within cloud-based disaster recovery and business continuity plans

Create and enforce security policies and controls that comply with healthcare and government regulations (HIPAA, HITECH, etc.), and align with cloud specific best practices and the HITRUST security framework

Ensure that security protocols for cloud and hybrid infrastructures meet healthcare regulations and industry frameworks

Update cloud security policies, baselines, and procedures based on evolving threats and cloud compliance requirements

Document cloud security practices and prepare for cloud-specific external and internal audits

Document all security incidents and mitigation actions in line with HIPAA breach notification and HITRUST requirements

Resolve penetration test findings before they are exploited

Configure firewalls, antivirus software, and cloud-native security solutions (e.g., Azure Firewall) to secure hybrid IT infrastructure

Manage identity and access management (IAM) solutions, leveraging on-prem Active Directory and Microsoft Entra ID in a hybrid configuration to ensure only authorized personnel access cloud-based sensitive data

Implement and maintain encryption solutions for data in transit and at rest within both on-premises and cloud environments

Ensure data encryption and privacy measures for protected health information (PHI) are implemented across hybrid and multi-cloud environments

Manage secure data storage, backup (Veeam), and disaster recovery for on-prem and cloud-based resources, preventing data loss or unauthorized access

Conduct regular privacy impact assessments on cloud platforms, to identify and mitigate risks to sensitive data

Educate Currance employees on cloud-specific security best practices, cloud phishing threats, and cybersecurity principles.

Develop, deliver and maintain a training program that highlights employee responsibilities in securing digital resources and staying compliant with security policies

Collaborate with compliance officers to ensure IT activities are aligned with healthcare regulations, aligned with HITRUST requirements and compliant with cloud service standards

Collaborate with cross-functional teams to integrate cloud security measures throughout DevOps pipelines, ensuring secure software development and deployment

Perform other duties as assigned

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

System security experienceNetwork security experienceApplication security experienceWindows server supportAzure cloud security engineeringActive Directory experienceMicrosoft Azure Security Engineer AssociateCybersecurity Architect ExpertAzure Solutions Architect ExpertAzure security services knowledgeComputer Science degreeLinux security experienceInfrastructure security testingApplication-level security testingFirewalls experienceVPN devices experienceMicrosoft/Office 365 securityMulti-factor Authentication knowledgePython scriptingPowerShell scriptingCISSP certificationCISM certificationSecure network architecture knowledgeHealthcare regulations knowledgeHITRUST knowledgeAzure Active Directory expertiseMulti-Factor Authentication expertiseEncryption protocols knowledgeData privacy standards knowledgeThreat intelligence knowledge

Required

Bachelor’s degree in Computer Science or equivalent experience

10+ years of system, network and/or application security experience

10+ years experience in supporting Windows server required + Linux security experience

5+ years of Azure cloud security engineering required

Minimum 5 years of experience in infrastructure or application-level security testing and auditing

5+ years of experience with Firewalls and VPN devices, SSL, HTTP/HTTPS, SSH, IPSEC, TCP/IP, LDAP, PGP, SFTP, Windows desktop/laptop and server operating systems, Windows Server, Active Directory, Group Policy Objects, Spam filters, Anti-Spyware and Anti-virus, Microsoft/Office 365 security services (incl. Multi-factor Authentication) and integration with on-premises Active Directory, scripting with Perl, Python, or PowerShell

Microsoft Azure Security Engineer Associate, Cybersecurity Architect Expert, Azure Solutions Architect Expert are essential.