A 44​/Security Engineer

Overview

Our direct client has an opening for a Security Engineer with Healthcare experience (Job #750759). This is a 12+ month contract with the option of extension. The position is remote, but the contractor may be required to be on-site in Raleigh, NC, as requested for meetings. Candidate must work EST business hours.

• Oversee and secure the organization’s Electronic Health Record (EHR) system, including managing access controls and conducting security audits.
• Develop and maintain security policies, procedures, and guidelines specific to the EHR environment; ensure compliance with HIPAA, HITECH, and other applicable regulations.
• Collaborate with IT, clinical, and compliance teams to protect patient data and the integrity of the EHR system.
• Monitor and enforce appropriate EHR access controls, conduct regular security audits, and mitigate identified risks or vulnerabilities.
• Coordinate with stakeholders to implement and maintain security tools (firewalls, IDS/IPS, encryption) as applicable to the EHR system.
• Oversee user provisioning/de-provisioning and manage RBAC; ensure logs and access records are maintained for auditing and compliance.
• Respond to and investigate security incidents; perform risk assessments for new modules or integrations; coordinate breach notification where required.
• Collaborate with EHR implementation/optimization teams to integrate security into deployments; align with overall cybersecurity strategy.
• Stay informed about emerging threats and best practices; recommend improvements to the EHR security environment.

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field (relevant experience may substitute for formal education).
• Security certifications (e.g., CISSP, CISM, HCISPP) are highly desirable.
• 3–5 years of IT security experience, preferably in healthcare; experience with EHR systems and HIPAA/privacy/security audits.
• Knowledge of RBAC, identity management, and data encryption in healthcare IT; familiarity with healthcare regulations including HIPAA and HITECH.
• Strong problem-solving, analytical, and cross-functional communication skills.
• Ability to manage security incidents and respond effectively; familiarity with healthcare IT infrastructure (networks, firewalls, database security).

• Occasional travel to different healthcare facilities within the organization.
• On-call availability for security incidents.

By applying, you may receive additional job advertisements. This description retains the core responsibilities and qualifications of the role without extraneous site-specific or marketing copy.