×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

IT Security Engineer III- GRC SME

Job in Warrenville, DuPage County, Illinois, 60555, USA
Listing for: Endeavor Health
Full Time position
Listed on 2025-12-21
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 41.64 - 64.54 USD Hourly USD 41.64 64.54 HOUR
Job Description & How to Apply Below

Hourly Pay Range: $41.64 - $64.54. The hourly pay rate offered is determined by a candidate's expertise and years of experience, among other factors.

Position Highlights
  • Position: IT Security Engineer III - GRC SME
  • Location:

    Warrenville, IL or Skokie, IL or Arlington Heights, IL
  • Full Time
  • Hours:

    Monday-Friday, 8:00am - 5:00pm
  • Hybrid Position
Job Summary

The Security Engineer III – GRC at Endeavor Health is responsible for strengthening the organization’s cybersecurity posture through the execution of governance, risk management, and compliance activities. This role focuses on developing, documenting, and refining security standards and procedures; performing risk and control assessments; and ensuring alignment with healthcare regulatory and security frameworks, including HIPAA, industry standards, and organizational policies.

Working primarily in a remote capacity, this role partners closely with Information Security, IT, clinical technology teams, and business stakeholders to evaluate security risks, support compliance initiatives, and guide the secure design and operation of internal and external systems. The Security Engineer III also provides technical leadership, mentors junior staff, and supports enterprise‑wide cybersecurity initiatives.

What You Will Do
  • Execute cybersecurity risk assessments, control reviews, and governance activities across infrastructure, applications, cloud services, and medical technologies.
  • Conduct cybersecurity and compliance assessments aligned with HIPAA Security and Privacy Rules, internal policies, and applicable regulatory and industry standards.
  • Identify cybersecurity risks related to medical devices, applications, and systems, and provide actionable mitigation and remediation recommendations.
  • Support internal and external audits, including coordination with Internal Audit, third‑party assessors, and penetration testing teams.
  • Participate in security reviews of new and existing systems to ensure security requirements are met prior to implementation.
  • Lead or support cybersecurity incident response activities in coordination with cross‑functional teams.
  • Manage and contribute to multiple cybersecurity and GRC‑related projects simultaneously.
  • Design and implement comprehensive security controls incorporating emerging technologies and industry best practices.
  • Mentor and train junior staff on cybersecurity tools, processes, and governance practices.
What You Will Need
  • Education:

    Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field. Equivalent professional experience may be considered in lieu of a degree.
  • Certification:
    At least one active, industry‑recognized cybersecurity or GRC‑related certification, such as
    • Security+ / GSEC / SSCP / CRISC / CISA (acceptable if security‑focused)
    • Advanced or healthcare‑relevant certifications, such as CISSP, CRISC, CISM, HCISPP, GIAC
  • Experience:

    Eight (8) or more years of combined IT and cybersecurity experience.
  • Demonstrated experience leading or independently executing security initiatives.
  • Hands‑on experience supporting, securing, and documenting at least two enterprise applications or platforms.
  • Experience performing risk assessments, control evaluations, or compliance activities.
  • Experience collaborating with infrastructure, application, and operations teams.
  • Unique or Preferred

    Skills:
    • Strong working knowledge of information security governance, risk management, and compliance principles.
    • Demonstrated understanding of security frameworks and standards, including:
      • HIPAA Security Rule
      • NIST (800‑53, 800‑30, 800‑61, 800‑171)
      • ISO 27001 (working knowledge)
      • PCI‑DSS
    • Experience assessing and advising on technical and operational security controls.
    • Familiarity with enterprise security domains, including:
      • Endpoint security (EDR, anti‑malware)
      • Vulnerability management
      • Network and application security
      • Cloud security concepts
    • Ability to translate technical risk into business and compliance impact.
    • Proven leadership and project coordination skills in a matrixed environment.
    • Strong written and verbal communication skills, including security documentation and executive‑level reporting.
    • Ability to mentor junior staff and contribute to…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search