Information security Engineer @ Pace Wisdom Solutions

Job Title: Information Security Engineer

Position Overview:

We are seeking a highly skilled Information Security Engineer to manage Risk Assessment, Compliance, and Cloud Infrastructure Security, with specialized expertise in healthcare security, cybersecurity analytics, and emergency preparedness. The ideal candidate will have experience designing secure applications and architectures, conducting SAST/DAST testing, managing cyber emergency preparedness, and ensuring robust security protocols across the enterprise. You will also be responsible for developing security policies and procedures and integrating cutting- edge security practices to maintain the organizations security posture and compliance standards.

Key Responsibilities:

Risk Assessment: Perform internal and third-party risk assessments, conduct security audits, and manage vulnerability remediation. Develop mitigation strategies and report risks to senior management.

Cloud Infrastructure Security: Secure cloud environments (AWS, Azure, GCP) and on prem infrastructure, ensuring access controls, encryption, and network security protocols are in place.

Compliance Management: Oversee compliance with HIPAA, GDPR, DPDPA, and healthcare-specific regulations. Support audit preparation, conduct assessments, and ensure alignment with industry and privacy standards.

Cybersecurity Analytics: Leverage cybersecurity analytics to monitor, identify, and respond to threats in real-time, utilizing data-driven insights to enhance overall security posture.

Designing Secure Applications Architectures: Collaborate with development teams to design and implement secure applications and system architectures, ensuring that security best practices are incorporated into the software development lifecycle.

SAST/DAST: Implement Static and Dynamic Application Security Testing (SAST/DAST) to identify vulnerabilities and ensure secure coding practices through out the development pipeline.

Cyber Emergency Preparedness: Develop and maintain cyber emergency preparedness plans, including incident response, disaster recovery, and business continuity strategies.

Electronic Surveillances Corporate Security: Oversee and manage electronic surveillance systems to detect and prevent both physical and cybersecurity threats. Ensure seamless integration between corporate security measures and IT/cybersecurity strategies.

Security Policies Procedures: Develop, document, and maintain comprehensive security policies and procedures to ensure regulatory compliance and alignment with risk management frameworks.

Incident Response: Lead investigations into security incidents, conduct root cause analysis, and recommend corrective actions to prevent future breaches.

Collaboration Training: Partner with IT, development teams, and external vendors to integrate security best practices into cloud and infrastructure environments. Provide training and awareness programs to staff on security policies and procedures.

Qualifications:

2-5 years of experience in information security, risk management, compliance, and healthcare security.

Expertise in cybersecurity analytics, secure application design, and architectural security best practices.

Strong knowledge of HIPAA,GDPR, DPDPA, and other healthcare-related compliance regulations.

Hands-on experience with cloud security (AWS, Azure, GCP) and infrastructure security.

Proficiency in SAST/DAST tools and vulnerability management.

Experience with cyber emergency preparedness, incident response, and disaster recovery planning.

Knowledge of electronic surveillance systems and corporate security measures to protect both physical and digital assets.

Ability to document and maintain security policies, procedures, and standards.

Strong analytical, communication, and problem-solving skills.

Certifications(Preferred):

CISSP, CISM, CRISC, CEH, AWS Certified Security Specialty, Azure Security Engineer, Certified HIPAA Professional (CHP), Certified Information Privacy Professional (CIPP/US), Certified Business Continuity Professional (CBCP)