Senior Cyber Security Engineer

Senior Cybersecurity Engineer Role Summary The Senior Cybersecurity Engineer is responsible for protecting the information systems, digital assets, and technology infrastructure of Howard University Hospital. This position designs, implements, and maintains advanced cybersecurity solutions that safeguard patient data, clinical systems, and enterprise applications. Working across on-premises, hybrid, and cloud environments, the Senior Cybersecurity Engineer helps ensure the hospital’s technology environment remains secure, compliant, and resilient against emerging threats. This role provides both hands-on technical expertise and strategic leadership in support of cybersecurity maturity, incident response, risk management, and continuous improvement of security controls. What You’ll Do Security Operations & Incident Response Monitor, analyze, and respond to security alerts, incidents, and anomalies across hospital systems. Conduct vulnerability assessments, penetration testing, and threat-hunting activities to identify and mitigate risks. Investigate and document security incidents, perform root cause analysis, and recommend remediation actions. Utilize SIEM, EDR, and IDS/IPS platforms such as CrowdStrike and Microsoft Sentinel to strengthen continuous monitoring. Security Engineering & Architecture Design, implement, and manage enterprise cybersecurity controls, including firewalls, NAC, DLP, CASB, and endpoint protection systems. Support secure configuration management using CIS Benchmarks and STIGs. Implement and manage identity and access management, multifactor authentication, and privileged access controls. Integrate cybersecurity practices into DevOps processes and CI/CD pipelines. Support the adoption and enforcement of Zero Trust Architecture principles across hybrid and cloud environments. Governance, Risk, and Compliance Ensure compliance with cybersecurity frameworks and regulatory requirements, including HIPAA, NIST 800-53, ISO/IEC 27001, PCI DSS, and GDPR. Contribute to the development and maintenance of security policies, procedures, and documentation. Support internal and external security audits, risk assessments, and compliance reviews. Participate in disaster recovery and business continuity planning activities. Collaboration, Training, and Awareness Work collaboratively with IT, Compliance, and Clinical Operations to embed security throughout technology operations. Provide mentorship and technical leadership to IT personnel and cybersecurity staff. Develop and deliver user training on secure computing, phishing prevention, and data protection best practices. Communicate complex technical concepts to diverse audiences, promoting security awareness and shared accountability. Required Qualifications Education Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field required. Master’s degree in Business Administration, Cybersecurity, or related discipline preferred. Experience Minimum 7–10 years of progressive experience in information security, with at least 5 years in a security engineering role. Demonstrated experience securing hybrid infrastructures, including on-premises systems and cloud environments such as Azure, AWS, or GCP. Proven expertise with enterprise tools such as Microsoft Defender Suite, Cisco ISE, CrowdStrike Falcon, and Azure Sentinel. Proficiency in scripting languages such as PowerShell or Python for automation and threat analysis. Strong background in encryption, PKI, IAM, SSO, VPNs, and secure system design. Experience implementing Zero Trust Architecture and DevSecOps practices. Preferred Certifications CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Certified Security – Specialty Microsoft Certified: Azure Security Engineer Associate SABSA or TOGAF preferred Additional Requirements Strong written and verbal communication skills. Ability to manage multiple priorities and work effectively in a fast-paced, high-stakes healthcare environment. High level of integrity and commitment to protecting sensitive information and hospital assets. About Howard University Hospital Howard University Hospital is one of the nation’s leading academic medical centers and the primary teaching hospital for the Howard University College of Medicine. Located in Washington, DC, the hospital is dedicated to excellence in patient care, education, and research. As a mission-driven healthcare organization, Howard University Hospital relies on secure, resilient, and high-performing technology systems to support patient care, clinical operations, and enterprise services. The Enterprise Technology Services team plays a critical role in advancing that mission. What We Offer Meaningful work in support of a mission-driven academic medical center Opportunities to work with advanced enterprise and cloud-based technologies A collaborative environment focused on innovation, service, and operational excellence Professional growth and development opportunities Comprehensive benefits package Position Details Department: Enterprise Technology Services Reports To: Senior Director of Cybersecurity Location: Howard University Hospital – Washington, DC Status: Full-Time Pay + Schedule Salary will be determined by the Compensation Department based on experience, education, internal equity, and other relevant factors. Compliance Statements Culture of Care Howard University Hospital supports a Just Culture that promotes accountability, learning, and patient safety. Equal Opportunity Employer Howard University Hospital is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants and do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity, or any other status protected by applicable law. Reasonable Accommodation Howard University Hospital is committed to providing reasonable accommodations to qualified individuals with disabilities in accordance with the Americans with Disabilities Act (ADA) and applicable state and local laws. If you require an accommodation during the application or interview process, please contact the Human Resources Department at View email address on click.appcast.io. Pay Transparency Salary ranges listed in job postings reflect the expected compensation range for the position and are provided in accordance with applicable pay transparency laws. Final compensation is determined based on experience, education, internal equity, and other relevant factors. Disclaimer The above statements describe the general nature and level of work performed. They are not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the position. #J-18808-Ljbffr