Infomation Systems Security Engineer

About The Position

Requirements

• Bachelor’s degree or equivalent practical experience.
• 5+ years in IT Infrastructure and/or Information Security.
• 5+ years of hands-on cybersecurity experience (incident response, vulnerability management, cloud or application security, forensics, etc.).
• CISSP or equivalent security certification.
• Hands-on experience with Fortinet security solutions, including firewall configuration, monitoring, and policy management, is highly desirable.
• Proven experience building and managing enterprise-level security programs.
• Strong knowledge of: Network, application, cloud, and endpoint security. AWS, Microsoft 365, Active Directory, private cloud environments. Risk management frameworks and compliance standards.
• Experience leading security incidents end-to-end.
• Ability to clearly communicate complex security topics to both technical and non-technical audiences.
• Curiosity, adaptability, and a continuous-learning mindset.

Nice To Haves

• Threat intelligence, attack simulation, and red/blue team experience.
• IAM, PIM, and PAM implementation experience.
• Vulnerability management and remediation expertise.
• Familiarity with scripting and automation (Python, PowerShell).
• Experience analyzing network, application, and system telemetry.
• Strong documentation and reporting skills.

Responsibilities

• Own and evolve HFI’s information security strategy, aligning with business goals and industry best practices.
• Design, implement, and manage security operations across networks, systems, applications, and data.
• Lead incident response, threat detection, vulnerability management, and forensic investigations.
• Ensure compliance with HIPAA, HITECH, HITRUST, ISO 27001, SOC 2, and client security requirements.
• Evaluate and respond to client security assessments, audits, and contractual obligations.
• Manage third-party risk, penetration testing, and remediation efforts.
• Translate security risk into clear, actionable insights for executive leadership.
• Champion a culture of security through training, awareness, and accountability.
• Serve as a security advisor and thought leader across projects with privacy or risk implications.
• Collaborate with Infrastructure to mature and optimize cybersecurity tooling and controls.

Benefits

• Make a real impact protecting healthcare data and client trust.
• Own and shape a security program not just tickets and tools.
• Partner with engaged leadership who values security as a business enabler.
• Work in a collaborative, mission-driven environment that values expertise and accountability.