- Full Time
The IS Security Engineer (Risk and Awareness) role is the second level of a three level career path. The IS Security Engineer, under general supervision, is responsible for developing and conducting a comprehensive risk based technical security and compliance audits within, or across technical corridors. This position is responsible for giving risk guidance and suggested mitigation to MaineHealth leadership and staff. This position is also responsible for contributing to the security awareness program. This position requires both a strategic and tactical focus, with strong technical and compliance knowledge including, but not limited to, network, platform, and application security technologies as well as, HIPAA, Security/Privacy, Business Continuity/Disaster Recovery, NIST based security and risk management standards, and industry best practice security standards. Other activities may include developing, implementing and managing security policies, procedures and standards.
Associates’ degree in a related field of study or equivalent experience.
Professional certification in either technical security or within a relevant networking or platform technology a plus
Three years of experience with conducting risk assessments and planning remediation/mitigation activities. Experience working in a regulated environment preferred. Experience working in a GRC tool a plus.
Strong working knowledge of information, cybersecurity, and technology risk concepts with the ability to articulate the risks in business terms.
Strong written/verbal interpersonal communication skills with the ability to build consensus and interact effectively with diverse internal and external audiences, including peers, stakeholders, management, sponsors, and vendors.
Demonstrated technical acumen to understand technology and the opportunities and risks it presents.
Demonstrated knowledge of cybersecurity awareness programs.
Demonstrated analytical and problem-solving skills.
Demonstrated team player.
Required Minimum Knowledge, Skills, and Abilities (KSAs) Education : Associates degree in a related field of study or equivalent work experience.
License/Certifications : Professional certification in either technical security or within a relevant networking or platform technology.
Experience : 3 years’ IT experience in complex environments and a working knowledge of computer networking and platforms, including (but not limited to) network operating systems, firewalls, intrusion detection/prevention systems, wireless security including wireless intrusion prevention systems, web proxies, vulnerability scanning technologies, VPN’s, Windows and Unix-based platforms, identity management, IT incident response, and network architecture.
Knowledge of application security concepts from a secure coding, secure design, and ongoing change management and monitoring perspective.
A high level of demonstrated organizational skill supporting business and process analysis and process implementation in moderately complex environments.
Strong prioritization skills and able to handle multiple tasks effectively.
Active problem solver, working across multiple IS and business teams for solutions.
Strong business knowledge / acumen.
Ability to partner with others to overcome obstacles.
Articulate appropriately both in written and oral form, and collaborate with multiple teams regarding security and privacy obligations and duties.
With a career at any of the MaineHealth locations across Maine and New Hampshire, you’ll be working with health care professionals that truly value the people around them – both within the walls of the organization and the communities that surround it.
We offer benefits that support an individual’s needs for today and flexibility to plan for tomorrow – programs such as paid parental leave, a flexible work policy, student loan assistance, training and education, along with well-being resources for you and your family.
MaineHealth remains focused on investing in our care team and developing an inclusive environment where you can thrive and feel supported to realize your full potential. If you’re looking to build a career in a place where people help one another deliver best-in-class care, apply today.