Children's Nebraska is the region’s only full-service pediatric healthcare center, dedicated to providing excellent care for children. The Security Engineer plays a critical role in safeguarding patient data and hospital infrastructure by designing, implementing, and maintaining security controls while ensuring compliance with relevant regulations.
Responsibilities:
- Design, deploy, and maintain security infrastructure including firewalls, IDS/IPS, SIEM, endpoint protection, and identity management systems
- Architect and implement zero-trust network segmentation
- Evaluate, recommend, and integrate new security technologies that align with healthcare operational requirements
- Collaborate with IT and clinical teams to embed security into the design of new systems, applications, and medical device integrations
- Configure and manage Microsoft Purview compliance solutions including Data Loss Prevention (DLP), Information Protection sensitivity labels, and Insider Risk Management policies to safeguard PHI and PII
- Administer Entra ID (Azure AD) security controls including Conditional Access policies, Privileged Identity Management (PIM), Identity Protection risk policies, and Multi-Factor Authentication (MFA) enforcement
- Monitor and harden Exchange Online, SharePoint Online, OneDrive, and Teams environments against phishing, data exfiltration, and unauthorized sharing threats
- Review and approve endpoint compliance policies, mobile device management (MDM), and mobile application management (MAM) across hospital-issued and BYOD devices
- Conduct regular review of M365 audit logs, sign-in logs, and unified audit log (UAL) for anomalous activity and policy violations
- Monitor security events and alerts using SIEM and other security tools; investigate and triage potential security incidents
- Lead and participate in incident response activities including containment, eradication, recovery, and post-incident review
- Conduct threat hunting exercises to proactively identify indicators of compromise within the environment
- Develop and refine detection rules, use cases, and playbooks tailored to healthcare threat landscapes
- Perform regular vulnerability assessments and coordinate and lead penetration testing across network, application, and medical device environments
- Prioritize and track remediation of identified vulnerabilities in partnership with asset owners and IT operations
- Maintain awareness of emerging threats, CVEs, and healthcare-specific security advisories (e.g., HHS HC3, FBI alerts)
- Research and write security 'effective practices' as 'living documents' that are updated as the environment changes. This role includes policy implementation
- Collaborate with the Information Security Team to create policies, procedures, and best practices
- Champion a culture of security consciousness across all hospital departments and service lines
- Serve as a trusted advisor to clinical and operational leaders on security best practices and risk trade-offs
- Regular attendance at work is an essential function of the job
- Perform physical requirements as described in the Physical Requirements section
Requirements:
- Bachelor's Degree from an accredited college or university in Cyber-Security, Networking, Computer Science, Information Systems, Engineering or related field
- Equivalent work experience may be substituted for education
- Minimum 3–5 years of hands-on experience in information security engineering or a related security role
- Minimum 3 years of progressively responsible experience performing Windows system administration duties in a critical production environment, preferably healthcare
- Proficiency in network security concepts: TCP/IP, VLANs, VPNs, DNS, firewalls, and network access control
- Hands-on experience with the Microsoft 365 security stack including Entra ID, Purview, PIM, and Intune
- Working knowledge of directory services and identity management (Active Directory, Azure AD, MFA, PAM)
- Scripting or automation skills (Python, PowerShell, or Bash) for security tooling and workflow automation
- Ability to communicate effectively both verbally and in writing
- Strong interpersonal and team building skills
- Effective planning, organizational, time management and prioritizing skills
- Expert knowledge of the application and implementation of HIPAA controls
- Experience operating within regulated industries; healthcare or financial services experience
- Proven track record in incident response, including leading or participating in security incident investigations
- Certified Ethical Hacker (CEH)
- GIAC Certified Forensic Analyst (GCFA)