Information Security Engineer II in Bridgeton, New Jersey at e4health

At e4health, we Empower Better Health. The e4health Team is on a relentless mission to care for those teams who care for others. We bring our passion, ingenuity, and expertise to every engagement. In joining our Team, we want your help to provide our customers with powerful solutions in the pursuit of quality, integrity, clinical and financial value across healthcare.

Our People make the difference. Serving more than 400 hospitals and health systems nationwide for nearly two decades, e4health provides solutions to tackle the toughest problems in healthcare with unmatched technology, mid-revenue cycle, and operational expertise. e4health solutions streamline clinical, financial, and health information data and workflows, optimize coding, quality, and clinical documentation integrity processes, and address health IT operational challenges to deliver material results for healthcare organizations across the country. Learn more about us at www.e4.health.

JOB DESCRIPTION

The Information Security Engineer II is a key member of the Information Security team, responsible for designing, implementing, and leading core security engineering and architectural deliverables. This role requires deep technical expertise and the ability to work independently, driving security initiatives across the healthcare system. The Information Security Engineer II collaborates with leadership, stakeholders, and subject matter experts to develop secure, scalable solutions that align with regulatory requirements, business objectives, and evolving cybersecurity threats.

The Information Security Team's primary purpose is to ensure the resiliency, security, and integrity of the organization's computing environment, protect patient and employee confidential information, and comply with regulatory requirements nationally. In partnership with Clinical, Financial, Knowledge Management, Ambulatory and Systems Engineering teams, the Information Security Team drives Information Security standards into delivered solutions. This position provides a hybrid work environment allowing the Information Security Engineer to work from a home environment and on site.

RESPONSIBILITIES

• Lead the architectural design and implementation of enterprise security solutions, ensuring alignment with industry best practices and regulatory requirements (e.g., HIPAA, PCI, NIST).
• Independently drive security engineering projects, including but not limited to:
• Zero Trust architecture adoption
• Network segmentation and redesign
• Identity and Access Management (IAM) modernization
• Cloud security governance
• Advanced threat protection and endpoint security solutions
• Design, implement, and maintain secure systems, including servers, firewalls, intrusion detection/prevention systems, and other security devices.
• Establish and enforce security policies, standards, and best practices across IT, Infrastructure, and third-party integrations.
• Conduct security risk assessments and vulnerability management, overseeing proactive threat hunting efforts to mitigate risks in healthcare IT environments
• Act as a subject matter expert (SME) in security architecture, advising on secure network and system design, including micro-segmentation, software-defined networking, and next-generation firewalls
• Spearhead the evaluation, selection, and deployment of security technologies such as:

- Extended Detection and Response (XDR)

- Security Information and Event Management (SIEM)

-Managed Detection and Response (MDR)

-Privileged Access Management (PAM)

-Network Access Control (NAC)

-Data Loss Prevention (DLP)

• Lead incident response efforts, forensic investigations, and root cause analysis of security events.
• Provide mentorship and technical guidance to Information Security Analysts and junior engineers, fostering a culture of continuous improvement and knowledge sharing.
• Oversee and improve security monitoring, log analysis, and automated security response workflows using SIEM and SOAR platforms.
• Ensure compliance with cybersecurity frameworks such as NIST CSF, CIS Benchmarks, HITRUST, and ISO 27001.
• Develop and maintain security documentation, including security architecture diagrams, standard operating procedures, project plans, and governance reports.
• Collaborate with executive leadership and IT teams to align security initiatives with business objectives, balancing security with operational efficiency.

• High School diploma or GED required. BA or BS Degree in Computer Information Technology or related degree is preferred. Candidates must meet any minimum position experience and/or certification requirements to be eligible for consideration.
• 5+ years of experience in the Information Security field as an Information Security Analyst or Engineer
• 3+ years of experience leading enterprise-class security projects with minimal supervision.
• Ability to design, implement and maintain security solutions such as EDR (Endpoint Detection & Response), MDR (Managed Detection & Response) solutions, Vulnerability Management solutions, and DLP (Data Loss Prevention) programs.
• Extensive hands-on experience with security tools and technologies, including SIEM, SOAR, network traffic analysis, email security gateways, and asset management systems.
• Strong understanding of network security principles, segmentation strategies, and Zero Trust methodologies.
• Experience with forensic analysis, penetration testing, and security event correlation.
• Strong documentation skills and experience creating Project Plans, Visio Diagrams, SOPs, RFPs, etc.
• Experience leading security automation initiatives using scripting languages such as Python, PowerShell, or Bash is a plus.
• Familiarity with Infrastructure as Code (IaC) security in DevSecOps environments is highly desirable.
• Strong interpersonal skills, in addition to effective customer interaction skills
• Familiarity with threat hunting and overseeing vulnerability management programs.
• Knowledge of Logical Access Controls and Least Privilege reviews
• Strong knowledge in NIST Risk Management Framework, HIPAA compliance, PCI Guidelines and CIS Benchmarks
• Ability to work well under deadlines and in a fast-paced environment.
• Certification/ Licensure:
• CompTIA Security+ preferred.
• CompTIA Advanced Security Practitioner (CASP+) preferred.

e4health is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

At our organization, we believe in the principles of pay transparency to foster a fair and equitable workplace for all employees. In alignment with this commitment, we openly communicate salary ranges, bonus structures, and additional financial benefits associated with each position. We believe that transparency in compensation not only promotes trust and accountability but also helps mitigate wage gaps and biases. By providing clear and comprehensive information about compensation in our job descriptions, we aim to create a transparent and inclusive environment where all employees feel valued and respected. Join us in building a culture of fairness and transparency as we strive for excellence together.