Inmar Intelligence
Principal, Cybersecurity Engineer
Inmar Intelligence, Winston Salem, North Carolina, United States, 27104
2 weeks ago Be among the first 25 applicants
Job Summary
The
Principal Cybersecurity Engineer
is responsible for ensuring the security, compliance, and optimization of the organizations IT systems and services. This role combines oversight of regulatory complianceadhering to standards such as HIPAA, HITRUST, and other industry frameworkswith the design, implementation, and maintenance of robust cybersecurity programs. Acting as a technical leader and subject matter expert (SME), the Principal Engineer collaborates across teams to enhance security posture, protect against evolving threats, and support business continuity. This position requires deep expertise in cybersecurity principles, regulatory requirements, and best practices, alongside the ability to communicate effectively with both technical and executive stakeholders.
Security Leadership (20%): Develop, implement, and manage the Healthcare divisions overall security strategy to safeguard sensitive healthcare data, infrastructure, and applications. Collaborate with the enterprise security team on the design and maintenance of security controls, risk management strategies, and incident response protocols. Continuously monitor the security landscape and adapt the companys security posture to address new threats and vulnerabilities. Compliance Management (20%): Ensure the companys technology systems and practices comply with healthcare regulations (HIPAA, HITRUST, GDPR, etc.) and maintain all required certifications. Work closely with legal, HR, and operations teams to ensure adherence to internal and external policies governing data privacy and security. Conduct regular compliance audits and assessments to identify gaps and lead initiatives to close them. Collaboration with IT and Engineering Teams (20%): Work with IT, DevOps, and product teams to integrate security best practices throughout the software development lifecycle (SDLC). Implement secure-by-design methodologies in all technology solutions, ensuring that products are built with security from the ground up. Collaborate on infrastructure security, including network architecture, cloud security, and endpoint protection. Lead risk assessment efforts across all technology platforms and services, identifying potential threats and vulnerabilities. Develop and maintain a robust incident response plan, ensuring readiness to handle security breaches, data loss, or regulatory incidents. Oversee the investigation of security incidents, including data breaches, and manage the communication process with internal and external stakeholders. Training and Awareness (15%): Develop and implement security awareness programs for all employees, ensuring that security and compliance are ingrained in the company culture. Provide leadership and education on emerging security threats and regulatory changes to senior management and key stakeholders. Regulatory and Client Relationships (10%): Maintain strong relationships with regulatory bodies and clients to ensure transparency and compliance in all data security matters. Serve as the main point of contact for regulatory audits and certifications related to security and compliance.
Job Summary
The
Principal Cybersecurity Engineer
is responsible for ensuring the security, compliance, and optimization of the organizations IT systems and services. This role combines oversight of regulatory complianceadhering to standards such as HIPAA, HITRUST, and other industry frameworkswith the design, implementation, and maintenance of robust cybersecurity programs. Acting as a technical leader and subject matter expert (SME), the Principal Engineer collaborates across teams to enhance security posture, protect against evolving threats, and support business continuity. This position requires deep expertise in cybersecurity principles, regulatory requirements, and best practices, alongside the ability to communicate effectively with both technical and executive stakeholders.
Key Responsibilities
Security Leadership (20%): Develop, implement, and manage the Healthcare divisions overall security strategy to safeguard sensitive healthcare data, infrastructure, and applications. Collaborate with the enterprise security team on the design and maintenance of security controls, risk management strategies, and incident response protocols. Continuously monitor the security landscape and adapt the companys security posture to address new threats and vulnerabilities. Compliance Management (20%): Ensure the companys technology systems and practices comply with healthcare regulations (HIPAA, HITRUST, GDPR, etc.) and maintain all required certifications. Work closely with legal, HR, and operations teams to ensure adherence to internal and external policies governing data privacy and security. Conduct regular compliance audits and assessments to identify gaps and lead initiatives to close them. Collaboration with IT and Engineering Teams (20%): Work with IT, DevOps, and product teams to integrate security best practices throughout the software development lifecycle (SDLC). Implement secure-by-design methodologies in all technology solutions, ensuring that products are built with security from the ground up. Collaborate on infrastructure security, including network architecture, cloud security, and endpoint protection. Risk Assessment & Incident Response (15%): Lead risk assessment efforts across all technology platforms and services, identifying potential threats and vulnerabilities. Develop and maintain a robust incident response plan, ensuring readiness to handle security breaches, data loss, or regulatory incidents. Oversee the investigation of security incidents, including data breaches, and manage the communication process with internal and external stakeholders. Training and Awareness (15%): Develop and implement security awareness programs for all employees, ensuring that security and compliance are ingrained in the company culture. Provide leadership and education on emerging security threats and regulatory changes to senior management and key stakeholders. Regulatory and Client Relationships (10%): Maintain strong relationships with regulatory bodies and clients to ensure transparency and compliance in all data security matters. Serve as the main point of contact for regulatory audits and certifications related to security and compliance.
Qualifications
Bachelors degree in Information Security, Computer Science, or a related field. A Masters degree CISSP, CISM, CRISC, CISA, or similar certification. 10+ years of experience in security, compliance, or risk management, with a focus on healthcare or other highly regulated industries. Strong knowledge of healthcare regulations, including HIPAA, HITRUST, GDPR, and relevant security frameworks (NIST, ISO 27001 PCI DSS, and SOC 2). Proven experience leading security teams and managing compliance programs. Expertise in incident response, threat management, and security operations. Excellent communication skills, with the ability to engage and influence senior leadership and cross-functional teams.
Preferred Skills
General
Experience with cloud security (Google, Azure) and modern DevSecOps practices. Familiarity with healthcare-related cybersecurity threats and defense strategies. Expertise in big data platforms (e.g., Elasticsearch, BigQuery) and security tools (e.g., Burp Suite, Metasploit).
Core Cybersecurity Domains
Detection Engineering, Threat Intelligence, and Malware Analysis. Network Security and Monitoring. Security Tool Development and DevSecOps practices.
Advanced Knowledge Areas
Secure design principles, database security, cloud computing, and cryptography. Identity and access management, including multi-factor authentication and credential management. Incident management and forensics.
Software Development Security
Solid understanding of SDLC, secure coding practices, and DevOps integration. Proficient in identifying and mitigating vulnerabilities, such as privilege escalation and input validation.
We are an Equal Opportunity Employer, including disability/vets.
Seniority level
Seniority level
Mid-Senior level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Information Services and IT Services and IT Consulting Referrals increase your chances of interviewing at Inmar Intelligence by 2x Get notified about new Cyber Security Engineer jobs in
Winston-Salem, NC . Cyber Defense Threat Specialist (Sr. SOC Analyst)
Cyber Incident Responder (Cybersecurity Analyst Professional)
High Point, NC $82,100 - $172,400 2 months ago Director, Senior Cloud Security Architect
Manager, Information Security Innovation Accelerator Engineer (Automation and Innovation)
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr
The
Principal Cybersecurity Engineer
is responsible for ensuring the security, compliance, and optimization of the organizations IT systems and services. This role combines oversight of regulatory complianceadhering to standards such as HIPAA, HITRUST, and other industry frameworkswith the design, implementation, and maintenance of robust cybersecurity programs. Acting as a technical leader and subject matter expert (SME), the Principal Engineer collaborates across teams to enhance security posture, protect against evolving threats, and support business continuity. This position requires deep expertise in cybersecurity principles, regulatory requirements, and best practices, alongside the ability to communicate effectively with both technical and executive stakeholders.
Security Leadership (20%): Develop, implement, and manage the Healthcare divisions overall security strategy to safeguard sensitive healthcare data, infrastructure, and applications. Collaborate with the enterprise security team on the design and maintenance of security controls, risk management strategies, and incident response protocols. Continuously monitor the security landscape and adapt the companys security posture to address new threats and vulnerabilities. Compliance Management (20%): Ensure the companys technology systems and practices comply with healthcare regulations (HIPAA, HITRUST, GDPR, etc.) and maintain all required certifications. Work closely with legal, HR, and operations teams to ensure adherence to internal and external policies governing data privacy and security. Conduct regular compliance audits and assessments to identify gaps and lead initiatives to close them. Collaboration with IT and Engineering Teams (20%): Work with IT, DevOps, and product teams to integrate security best practices throughout the software development lifecycle (SDLC). Implement secure-by-design methodologies in all technology solutions, ensuring that products are built with security from the ground up. Collaborate on infrastructure security, including network architecture, cloud security, and endpoint protection. Lead risk assessment efforts across all technology platforms and services, identifying potential threats and vulnerabilities. Develop and maintain a robust incident response plan, ensuring readiness to handle security breaches, data loss, or regulatory incidents. Oversee the investigation of security incidents, including data breaches, and manage the communication process with internal and external stakeholders. Training and Awareness (15%): Develop and implement security awareness programs for all employees, ensuring that security and compliance are ingrained in the company culture. Provide leadership and education on emerging security threats and regulatory changes to senior management and key stakeholders. Regulatory and Client Relationships (10%): Maintain strong relationships with regulatory bodies and clients to ensure transparency and compliance in all data security matters. Serve as the main point of contact for regulatory audits and certifications related to security and compliance.
Job Summary
The
Principal Cybersecurity Engineer
is responsible for ensuring the security, compliance, and optimization of the organizations IT systems and services. This role combines oversight of regulatory complianceadhering to standards such as HIPAA, HITRUST, and other industry frameworkswith the design, implementation, and maintenance of robust cybersecurity programs. Acting as a technical leader and subject matter expert (SME), the Principal Engineer collaborates across teams to enhance security posture, protect against evolving threats, and support business continuity. This position requires deep expertise in cybersecurity principles, regulatory requirements, and best practices, alongside the ability to communicate effectively with both technical and executive stakeholders.
Key Responsibilities
Security Leadership (20%): Develop, implement, and manage the Healthcare divisions overall security strategy to safeguard sensitive healthcare data, infrastructure, and applications. Collaborate with the enterprise security team on the design and maintenance of security controls, risk management strategies, and incident response protocols. Continuously monitor the security landscape and adapt the companys security posture to address new threats and vulnerabilities. Compliance Management (20%): Ensure the companys technology systems and practices comply with healthcare regulations (HIPAA, HITRUST, GDPR, etc.) and maintain all required certifications. Work closely with legal, HR, and operations teams to ensure adherence to internal and external policies governing data privacy and security. Conduct regular compliance audits and assessments to identify gaps and lead initiatives to close them. Collaboration with IT and Engineering Teams (20%): Work with IT, DevOps, and product teams to integrate security best practices throughout the software development lifecycle (SDLC). Implement secure-by-design methodologies in all technology solutions, ensuring that products are built with security from the ground up. Collaborate on infrastructure security, including network architecture, cloud security, and endpoint protection. Risk Assessment & Incident Response (15%): Lead risk assessment efforts across all technology platforms and services, identifying potential threats and vulnerabilities. Develop and maintain a robust incident response plan, ensuring readiness to handle security breaches, data loss, or regulatory incidents. Oversee the investigation of security incidents, including data breaches, and manage the communication process with internal and external stakeholders. Training and Awareness (15%): Develop and implement security awareness programs for all employees, ensuring that security and compliance are ingrained in the company culture. Provide leadership and education on emerging security threats and regulatory changes to senior management and key stakeholders. Regulatory and Client Relationships (10%): Maintain strong relationships with regulatory bodies and clients to ensure transparency and compliance in all data security matters. Serve as the main point of contact for regulatory audits and certifications related to security and compliance.
Qualifications
Bachelors degree in Information Security, Computer Science, or a related field. A Masters degree CISSP, CISM, CRISC, CISA, or similar certification. 10+ years of experience in security, compliance, or risk management, with a focus on healthcare or other highly regulated industries. Strong knowledge of healthcare regulations, including HIPAA, HITRUST, GDPR, and relevant security frameworks (NIST, ISO 27001 PCI DSS, and SOC 2). Proven experience leading security teams and managing compliance programs. Expertise in incident response, threat management, and security operations. Excellent communication skills, with the ability to engage and influence senior leadership and cross-functional teams.
Preferred Skills
General
Experience with cloud security (Google, Azure) and modern DevSecOps practices. Familiarity with healthcare-related cybersecurity threats and defense strategies. Expertise in big data platforms (e.g., Elasticsearch, BigQuery) and security tools (e.g., Burp Suite, Metasploit).
Core Cybersecurity Domains
Detection Engineering, Threat Intelligence, and Malware Analysis. Network Security and Monitoring. Security Tool Development and DevSecOps practices.
Advanced Knowledge Areas
Secure design principles, database security, cloud computing, and cryptography. Identity and access management, including multi-factor authentication and credential management. Incident management and forensics.
Software Development Security
Solid understanding of SDLC, secure coding practices, and DevOps integration. Proficient in identifying and mitigating vulnerabilities, such as privilege escalation and input validation.
We are an Equal Opportunity Employer, including disability/vets.
Seniority level
Seniority level
Mid-Senior level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Information Services and IT Services and IT Consulting Referrals increase your chances of interviewing at Inmar Intelligence by 2x Get notified about new Cyber Security Engineer jobs in
Winston-Salem, NC . Cyber Defense Threat Specialist (Sr. SOC Analyst)
Cyber Incident Responder (Cybersecurity Analyst Professional)
High Point, NC $82,100 - $172,400 2 months ago Director, Senior Cloud Security Architect
Manager, Information Security Innovation Accelerator Engineer (Automation and Innovation)
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr