The original post: /r/cybersecurity by /u/PlayfulVirus3771 on 2024-11-16 00:48:56.

Hello everyone,

I just landed a security engineer role at a healthcare org, focusing on Azure . Super excited but also kinda nervous! I’ve got about a year of experience from my previous tech company job, but that was more infrastructure/security hybrid stuff.

Here’s the situation - I’ll be reporting directly to the CISO in a pretty small security team (just me, another engineer, and the CISO). One of my main responsibilities will be handling security audits, which I’ve only assisted with before, never led.

Would love some advice on:

1. How to prep for healthcare security.
2. Tips on building a good relationship with the CISO
3. What to focus on in my first few months
4. How to approach running security audits (especially HIPAA/healthcare specific ones)

I know healthcare audits are no joke - any guidance would be super appreciated!

Thanks!