​This is a senior-level, remote Senior Cybersecurity Engineer role at Healthfirst, specifically focusing on Security Awareness. This engineer will be responsible for developing and running the enterprise-wide security awareness program, ensuring it meets healthcare regulations and standards, and actively works to mitigate the top human risks by changing employee behavior.

• ​Location: Remote, New York.
• ​Hiring Range (GNY Area): $134,600 – $194,480.
• ​Hiring Range (Other Approved Locations): $119,600 – $177,905.
• ​Focus: Developing comprehensive security awareness campaigns, identifying top human risks, changing user behavior, ensuring regulatory compliance, and applying IT/Security Engineering expertise to the awareness discipline.
• ​Experience: Management/leadership experience in instructional design and having substantially expanded an enterprise security program for a large organization ($5B+ annual revenue).

​Responsibilities: Program Development and Risk Mitigation

​The role requires a blend of technical security knowledge, instructional design, and strategic leadership to influence behavior across the enterprise.

• ​Program Development: Develop learning and awareness programs to cultivate a culture of security awareness.
• ​Behavior Change: Identify the top human risks to Healthfirst and the specific behaviors that need to be changed to mitigate that risk. Develop and maintain a program that supports changing these risky behaviors.
• ​Compliance: Ensure the security awareness program meets industry regulations, standards, and compliance requirements (e.g., HIPAA in healthcare), and clearly communicates security policies.
• ​Liaison: Work closely with leadership across the organization to understand security challenges and tailor training to meet business and compliance requirements.
• ​Technical Integration: Continuously monitor the vulnerability of the enterprise and develop engineering solutions to improve security, applying expertise in IT Infrastructure and Application Development.

​Required and Preferred Qualifications

​The position mandates both technical security understanding and direct experience leading large-scale organizational programs.

• ​Education: BS Degree in Computer Science, Information Technology, or Cyber Security (or related field).
• ​Leadership Experience (Mandatory): Management and leadership responsibility, experience in instructional design, and having built or substantially expanded an enterprise security program for an organization larger than $5B annual revenue.
• ​Core Security Understanding: In-depth understanding of cybersecurity concepts and principles, and the ability to mitigate identified human risks.
• ​Program Development: Ability to develop comprehensive security awareness campaigns and form complex security messages in a simple, clear, and concise manner.
• ​Preferred Tools: Knowledge of KnowBe4 and Living Security (security awareness platforms).
• ​Preferred Experience: Project management experience, IT engineering or Security Engineering experience, and basic experience giving security training to non-security personnel.