Description
Core Responsibilities
Implement and maintain CIS (Center for Internet Security) controls to ensure robust security standards across the portfolio.
Act as a liaison between Operations and Architecture teams, bridging the gap to align technical solutions with operational requirements.
Apply hands-on expertise to understand and analyze potential attack paths within enterprise systems.
Utilize strong technical knowledge to evaluate application stacks, including Windows IAS, databases, and IA controls, as well as Linux environments featuring NGINX and Apache.
Technical Skills and Experience
Experience with Terraform for infrastructure management and configuration.
Proficiency in configuring Windows Server, databases, and IAS on Windows servers hosted internally.
Familiarity with Linux environments, including NGINX and Apache web servers.
Experience working in healthcare environments, particularly with Epic systems.
Preferred Qualifications
Mid to senior level, with 5-10 years of relevant experience.
Primary experience with Windows (90%) and some exposure to Linux (10%).
Background in Azure cloud environments, with some experience in AWS.
Familiarity with CIS controls and benchmarking, with openness to other frameworks such as NIST.
Alignment to CIS benchmarks for Windows and the CIS cybersecurity framework; NIST publications are also acceptable.
Compliance Requirements
Understanding of HIPAA regulations is preferred.
Experience with HITRUST is considered ideal.
Some familiarity with PCI standards, as a small portion of PCI requirements are present in the organization's applications.
The Security Engineer is responsible for reducing organizational risk across the Hospital's large and complex portfolio of commercial applications. This role focuses on securing the hospital's expanding ecosystem of third-party applications, integrations, automated connections, and credential-dependent workflows, which represent a primary attack vector for modern threats.
The position establishes a central point of accountability for application security, driving standardization of security controls, reducing preventable exposure, and improving the organization's ability to detect and respond to application-related security incidents. The engineer partners closely with application owners, infrastructure teams, cybersecurity, enterprise architecture, and vendors to implement scalable, consistent security practices while enabling business operations.
Essential Job Functions:
Serve as the central security authority for application and integration risk, ensuring consistent standards across a diverse application portfolio (>250 commercial / third-party applications).
Identify and reduce risk across:
a. Third-party applications
b. APIs and system integrations
c. Automated connections and file transfers
d. Service accounts and shared credentials
Assess and remediate risks associated with internet-facing applications and exposed access points, prioritizing high-risk entry vectors.
Enforce and configure standardized security controls and patterns for:
a. Authentication and authorization
b. Credential and secret management
c. Encryption and secure communications
d. Integration security
Partner with application owners and vendors to reduce preventable exposure, including eliminating insecure configurations, excessive access, and credential misuse.
Evaluate and secure applications throughout their lifecycle:
a. Procurement
b. Implementation
c. Integration
d. Ongoing operations
Lead efforts to reduce risk from:
a. Shared credentials
b. Hardcoded/embedded secrets
c. Overprivileged service accounts leveraged by applications
Support third-party risk management by assessing vendor integrations and data flow methods.
Knowledge, Skills and Abilities:
Strong understanding of application-layer attack paths, especially:
- Credential compromise
- Integration abuse
- API exploitation
- External exposure risks
Deep knowledge of:
- Authentication/authorization models (SSO, OAuth, service accounts)
- Secure integration patterns
- Encryption and data protection
Experience working in complex enterprise environments with large commercial application portfolios
Strong familiarity with:
- OWASP Top 10 and common exploitation techniques
- Identity and access management (IAM)
- Secrets and credential lifecycle management
- Center for Internet Security (CIS) Foundational Controls and Benchmarks
Understanding of network and edge security concepts:
- WAFs
- Firewalls
- Segmentation
- Internet-facing exposure
Ability to drive cross-functional remediation across technical and non-technical stakeholders
Strong analytical, prioritization, and decision-making skills in a risk-based environment
Excellent communication skills with the ability to translate technical risk into business impact
Skills
Information security, Security, Azure, AWS, CIS controls
Experience Level
Entry Level
Job Type & Location
This is a Contract position based out of Chicago, IL.
Pay and Benefits
The pay range for this position is $100.00 - $100.00/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
Medical, dental & vision
Critical Illness, Accident, and Hospital
401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
Life Insurance (Voluntary Life & AD&D for the employee and dependents)
Short and long-term disability
Health Spending Account (HSA)
Transportation benefits
Employee Assistance Program
Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Chicago, IL.
Application Deadline
This position is anticipated to close on May 12, 2026.
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 101054TS
- Position Id: JP-005991050
- Posted 5 hours ago