IT Security Engineer III- GRC SME jobs in United States
cer-icon
Apply on Employer Site
company-logo

Endeavor Health · 3 weeks ago

IT Security Engineer III- GRC SME

positionNCO 3040 Salt Creek Ln Arlington Heights
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
money$41.64/hr - $64.54/hr
date8+ years exp

Endeavor Health is a fully integrated healthcare delivery system committed to providing access to quality care. The Security Engineer III – GRC is responsible for enhancing cybersecurity through governance, risk management, and compliance activities, collaborating with various teams to evaluate security risks and support compliance initiatives.

CommunitiesHealth CareMedicalTherapeutics
check
H1B Sponsor Likelynote

Responsibilities

Execute cybersecurity risk assessments, control reviews, and governance activities across infrastructure, applications, cloud services, and medical technologies
Conduct cybersecurity and compliance assessments aligned with HIPAA Security and Privacy Rules, internal policies, and applicable regulatory and industry standards
Identify cybersecurity risks related to medical devices, applications, and systems, and provide actionable mitigation and remediation recommendations
Support internal and external audits, including coordination with Internal Audit, third-party assessors, and penetration testing teams
Participate in security reviews of new and existing systems to ensure security requirements are met prior to implementation
Lead or support cybersecurity incident response activities in coordination with cross-functional teams
Manage and contribute to multiple cybersecurity and GRC-related projects simultaneously
Design and implement comprehensive security controls incorporating emerging technologies and industry best practices
Mentor and train junior staff on cybersecurity tools, processes, and governance practices

Qualification

Cybersecurity risk assessmentsGovernanceRisk managementComplianceSecurity frameworks knowledgeCybersecurity certificationsHealthcare regulatory knowledgeProject coordinationTechnical leadershipMentoring junior staffIT service managementCommunication skills

Required

Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field. Equivalent professional experience may be considered in lieu of a degree
At least one active, industry-recognized cybersecurity or GRC-related certification, such as: Security+ / GSEC / SSCP / CRISC / CISA (acceptable if security-focused)
Eight (8) or more years of combined IT and cybersecurity experience
Demonstrated experience leading or independently executing security initiatives
Hands-on experience supporting, securing, and documenting at least two enterprise applications or platforms
Experience performing risk assessments, control evaluations, or compliance activities
Experience collaborating with infrastructure, application, and operations teams

Preferred

Strong working knowledge of information security governance, risk management, and compliance principles
Demonstrated understanding of security frameworks and standards, including: HIPAA Security Rule, NIST (800-53, 800-30, 800-61, 800-171), ISO 27001 (working knowledge), PCI-DSS
Experience assessing and advising on technical and operational security controls
Familiarity with enterprise security domains, including: Endpoint security (EDR, anti-malware), Vulnerability management, Network and application security, Cloud security concepts
Ability to translate technical risk into business and compliance impact
Proven leadership and project coordination skills in a matrixed environment
Strong written and verbal communication skills, including security documentation and executive-level reporting
Ability to mentor junior staff and contribute to team knowledge development
Familiarity with IT service management and project methodologies (e.g., ITIL, Agile, or Waterfall)

Benefits

Incentive pay for select positions
Opportunity for annual increases based on performance
Career Pathways to Promote Professional Growth and Development
Various Medical, Dental, Pet and Vision options
Tuition Reimbursement
Free Parking
Wellness Program Savings Plan
Health Savings Account Options
Retirement Options with Company Match
Paid Time Off and Holiday Pay
Community Involvement Opportunities

Company

Endeavor Health

twittertwitter
company-logo
Endeavor Health is a health system helping community health and wellbeing, advancing health equity, and supporting local economic growth.
location
Evanston, Illinois, USA
people-size10001+ employees
web-link
https://www.endeavorhealth.org

H1B Sponsorship

Endeavor Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (2)

Funding

Current Stage
Late Stage
Total Funding
$2M
Key Investors
U.S. Department of Justice
2024-12-16Grant· $2M

Leadership Team

leader-logo
Laura Morgan
System Vice President, Chief Compliance Officer
linkedin
leader-logo
Brad Bennett
System Assistant Vice President, Venture Partnerships and Funding
linkedin

Recent News

PR Newswire
Endeavor Health part of first-of-its-kind trial to diagnose CTE in live patients
2026-01-06
PR Newswire
Endeavor Health Awards $5 Million to Loaves & Fishes to Expand Regional Food Access
2025-12-10
Medical Xpress - latest medical and health news stories
Once-weekly eloralintide leads to 20% weight loss in Phase II trial
2025-11-11
Company data provided by crunchbase