Senior Cyber Security Engineer - Governance Risk and Complianc

The Sr Cyber Security Engineer continuously monitors the vulnerability of the enterprise and develops engineering solutions to improve the security of the Healthfirst infrastructure. The Sr Cyber Security Engineer applies expertise across the Cyber Security discipline by demonstrating competency in IT Infrastructure and Application Development. The individual filling the Governance Risk and Compliance (GRC) Senior Cyber Security Engineer role will be able to work effectively across to bring Cybersecurity, information technology, and GRC expertise to evaluate compliance of existing systems as well as help build compliant systems with reliable security controls.

Duties and Responsibilities:

• Ensure Healthfirst systems and work completed are secure and compliant with policies, standards, guidelines, and laws (i.e., HIPAA, MITRE, NIST, HITRUST, etc.)
• Apply security engineering and implementation expertise to ensure the security of Healthfirst infrastructure
• Ensure IT security solutions and/or initiatives are delivered within financial targets
• Lead multiple security capabilities and/or Programs such as EDR, GRC, Incident Response, PAM, IAM, SOAR. DLP, SEIM, Insider Threat, etc.
• Partner closely and work collaboratively with key stakeholders, team members, and senior leadership in accomplishing cyber security responsibilities and initiatives
• Lead technical teams as assigned and needed
• Assists department leadership by providing informal coaching and direction to Cyber Security Engineers
• Develop and document security procedures in alignment with security policies and audit oversight
• Additional duties as assigned or required

Minimum Qualifications:

• Technical Degree in Computer Science or Cyber Security and/or equivalent work experience
• Prior work Cyber Security work experience
• Experience in security engineering, vulnerability assessment, threat hunting, and incident response
• High School diploma or GED from an accredited institution

Preferred Qualifications:

• Work experience in network penetration, incident response and governance risk and compliance
• Experience implementing and maturing security processes or solutions. (i.e. EDR, SIEM, GRC, Firewall, DLP, CASB, UEBA, DLP, Vulnerability Management, Red Teaming, Threat Hunting, or A&A, etc.)
• Advanced understanding of network and server infrastructure such as AWS and Azure.
• Advanced Cyber Security expertise
• Experience communicating across teams and with key stakeholders
• Experience leading teams and developing others
• Security Plus, CISSP, CISA, CEH, and Operating Certifications
• Assessing compliance of existing systems and work with program teams to identify and implement solutions
• Supporting secure development and implementing new solutions, capabilities, and provide guidance on security architecture and engineering
• This person will be responsible for leading GRC initiatives that cross organizational boundaries and be adept at leading in a way that delivers results, maintaining a balance between competing priorities and understands and helps stakeholders accomplish business objectives.

Compliance and Regulatory Responsibilities: See Above

• License/Certification: See Above

WE ARE AN EQUAL OPPORTUNITY EMPLOYER. Applicants and employees are considered for positions and are evaluated without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, age, genetic information, military or veteran status, marital status, mental or physical disability or any other protected Federal, State/Province or Local status unrelated to the performance of the work involved.

If you have a disability under the Americans with Disability Act or a similar law and want a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to careers@Healthfirst.org or calling 212-519-1798 . In your email please include a description of the accommodation you are requesting and a description of the position for which you are applying. Only reasonable accommodation requests related to applying for a position within Healthfirst Management Services will be reviewed at the e-mail address and phone number supplied. Thank you for considering a career with Healthfirst Management Services.

EEO Law Poster and Supplement

All hiring and recruitment at Healthfirst is transacted with a valid “@healthfirst.org” email address only or from a recruitment firm representing our Company. Any recruitment firm representing Healthfirst will readily provide you with the name and contact information of the recruiting professional representing the opportunity you are inquiring about. If you receive a communication from a sender whose domain is not @healthfirst.org, or not one of our recruitment partners, please be aware that those communications are not coming from or authorized by Healthfirst.  Healthfirst will never ask you for money during the recruitment or onboarding process.

Hiring Range*:

• Greater New York City Area (NY, NJ, CT residents): $131,900 - $190,570

• All Other Locations (within approved locations): $117,400 - $174,675

As a candidate for this position, your salary and related elements of compensation will be contingent upon your work experience, education, licenses and certifications, and any other factors Healthfirst deems pertinent to the hiring decision.

In addition to your salary, Healthfirst offers employees a full range of benefits such as, medical, dental and vision coverage, incentive and recognition programs, life insurance, and 401k contributions (all benefits are subject to eligibility requirements). Healthfirst believes in providing a competitive compensation and benefits package wherever its employees work and live.

*The hiring range is defined as the lowest and highest salaries that Healthfirst in “good faith” would pay to a new hire, or for a job promotion, or transfer into this role.