E4 Health

Information Security Engineer II

E4 Health$90K — $120K *
Healthcare
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • High School diploma or GED required, BA or BS in Computer Information Technology preferred.
  • 5+ years of experience in Information Security as an Analyst or Engineer.
  • 3+ years leading enterprise-class security projects independently.
  • Hands-on experience with EDR, MDR, Vulnerability Management, and DLP solutions.
  • Extensive knowledge of SIEM, SOAR, and network traffic analysis tools.
  • Strong understanding of Zero Trust methodologies and network security principles.
  • Experience in forensic analysis and security event correlation.

Responsibilities

  • Lead architectural design and implementation of enterprise security solutions.
  • Drive independent security engineering projects focused on Zero Trust and IAM modernization.
  • Design and maintain secure systems and infrastructures including firewalls and intrusion detection.
  • Establish and enforce security policies across IT and third-party integrations.
  • Conduct security risk assessments and manage proactive threat hunting in healthcare IT.
  • Act as a subject matter expert in security architecture for network design and firewall strategies.
  • Lead incident response and forensic investigations, ensuring thorough root cause analysis.

Benefits

  • Hybrid work environment allowing flexibility between home and site.
  • Opportunities for mentorship and career development within the team.
  • Access to cutting-edge security technologies and frameworks.
  • Collaborative multi-departmental teamwork fostering knowledge exchange.
  • Focus on continuous improvement and professional growth in cybersecurity.
Full Job Description
JOB DESCRIPTION

The Information Security Engineer II is a key member of the Information Security team, responsible for designing, implementing, and leading core security engineering and architectural deliverables. This role requires deep technical expertise and the ability to work independently, driving security initiatives across the healthcare system. The Information Security Engineer II collaborates with leadership, stakeholders, and subject matter experts to develop secure, scalable solutions that align with regulatory requirements, business objectives, and evolving cybersecurity threats.

The Information Security Team's primary purpose is to ensure the resiliency, security, and integrity of the organization's computing environment, protect patient and employee confidential information, and comply with regulatory requirements nationally. In partnership with Clinical, Financial, Knowledge Management, Ambulatory and Systems Engineering teams, the Information Security Team drives Information Security standards into delivered solutions. This position provides a hybrid work environment allowing the Information Security Engineer to work from a home environment and on site.

RESPONSIBILITIES

  • Lead the architectural design and implementation of enterprise security solutions, ensuring alignment with industry best practices and regulatory requirements (e.g., HIPAA, PCI, NIST).
  • Independently drive security engineering projects, including but not limited to:
  • Zero Trust architecture adoption
  • Network segmentation and redesign
  • Identity and Access Management (IAM) modernization
  • Cloud security governance
  • Advanced threat protection and endpoint security solutions
  • Design, implement, and maintain secure systems, including servers, firewalls, intrusion detection/prevention systems, and other security devices.
  • Establish and enforce security policies, standards, and best practices across IT, Infrastructure, and third-party integrations.
  • Conduct security risk assessments and vulnerability management, overseeing proactive threat hunting efforts to mitigate risks in healthcare IT environments
  • Act as a subject matter expert (SME) in security architecture, advising on secure network and system design, including micro-segmentation, software-defined networking, and next-generation firewalls
  • Spearhead the evaluation, selection, and deployment of security technologies such as:

- Extended Detection and Response (XDR)

- Security Information and Event Management (SIEM)

-Managed Detection and Response (MDR)

-Privileged Access Management (PAM)

-Network Access Control (NAC)

-Data Loss Prevention (DLP)
  • Lead incident response efforts, forensic investigations, and root cause analysis of security events.
  • Provide mentorship and technical guidance to Information Security Analysts and junior engineers, fostering a culture of continuous improvement and knowledge sharing.
  • Oversee and improve security monitoring, log analysis, and automated security response workflows using SIEM and SOAR platforms.
  • Ensure compliance with cybersecurity frameworks such as NIST CSF, CIS Benchmarks, HITRUST, and ISO 27001.
  • Develop and maintain security documentation, including security architecture diagrams, standard operating procedures, project plans, and governance reports.
  • Collaborate with executive leadership and IT teams to align security initiatives with business objectives, balancing security with operational efficiency.


Requirements

  • High School diploma or GED required. BA or BS Degree in Computer Information Technology or related degree is preferred. Candidates must meet any minimum position experience and/or certification requirements to be eligible for consideration.
  • 5+ years of experience in the Information Security field as an Information Security Analyst or Engineer
  • 3+ years of experience leading enterprise-class security projects with minimal supervision.
  • Ability to design, implement and maintain security solutions such as EDR (Endpoint Detection & Response), MDR (Managed Detection & Response) solutions, Vulnerability Management solutions, and DLP (Data Loss Prevention) programs.
  • Extensive hands-on experience with security tools and technologies, including SIEM, SOAR, network traffic analysis, email security gateways, and asset management systems.
  • Strong understanding of network security principles, segmentation strategies, and Zero Trust methodologies.
  • Experience with forensic analysis, penetration testing, and security event correlation.
  • Strong documentation skills and experience creating Project Plans, Visio Diagrams, SOPs, RFPs, etc.
  • Experience leading security automation initiatives using scripting languages such as Python, PowerShell, or Bash is a plus.
  • Familiarity with Infrastructure as Code (IaC) security in DevSecOps environments is highly desirable.
  • Strong interpersonal skills, in addition to effective customer interaction skills
  • Familiarity with threat hunting and overseeing vulnerability management programs.
  • Knowledge of Logical Access Controls and Least Privilege reviews
  • Strong knowledge in NIST Risk Management Framework, HIPAA compliance, PCI Guidelines and CIS Benchmarks
  • Ability to work well under deadlines and in a fast-paced environment.
  • Certification/ Licensure:
  • CompTIA Security+ preferred.
  • CompTIA Advanced Security Practitioner (CASP+) preferred.

About E4 Health

E4 group is a Russian engineering company, one of the biggest in the Russian Federation. With a presence in all federal districts of Russia, it has a total of 20,000 employees. The current CEO of E4 Group is Danil Nikitin.
Learn more about E4 Health
Industry

Similar Jobs

More Jobs at E4 Health

More Healthcare Jobs

Find similar Information Security Engineer II jobs: