Senior Security Engineer

About The Position

Requirements

• First and foremost, you’re passionate and committed to reimagining pediatric health care and creating a world where every child with complex medical conditions gets the care and support they deserve.
• Bachelor of Science degree in Computer Science, Information Security, Business, Management, or related field is desired.
• Relevant license or certification(s): GIAC, CISSP, CISA, CISM, CRISC, GCIH, Security+, CySA+, CEH, SSCP, ITIL preferred.
• 6+ years of experience as an Information Security Analyst, Risk Analyst, Security Engineer, Information Security Engineer, or similar role. 4 of the 6+ years of experience ideally within the healthcare industry.
• Experience using Artificial Intelligence (AI) tools to enhance and automate security processes and procedures.
• Experience with managing HITRUST, HIPAA requirements and working with auditors.
• Knowledge of IT systems such as Microsoft InTune, EntraID, JAMF, Meraki, JIRA Service Management.
• Strong diagnostic and problem-solving abilities, and an ability to innovate and grow knowledge in a fast-paced environment.
• Comfortable working knowledge of key technology concepts such as access control, confidential data, encryption, business continuity, information security vulnerability scans, and cloud services.
• Proven history executing business impact projects within defined scope, deliverables, and timeframe.
• Ability to remain calm and lead the technical response to security incidents and data breaches.

Responsibilities

• Design and implement information security technology including endpoint protection, vulnerability management, e-mail security, data loss prevention, static/dynamic code testing, firewalls.
• Ensure deployments are aligned with relevant industry standards such as CIS, HIPAA, NIST, OWASP Top 10 and HITRUST.
• Integrate systems and applications with SIEM solution.
• Respond to alerts and escalations from MDR provider and other security systems as part of the on-call rotation.
• Interpret log outputs from a wide selection of IT, security and cloud infrastructure.
• Create, implement, and test incident response procedures for new threat content and alerts.
• Continually monitor and share cyber security intelligence and vulnerability reporting with the IT team.
• Monitor external threat environment to ensure Imagine Pediatrics is responsive to short- and long-term threats.
• Respond to and resolve cyber security threats that may impact the confidentiality, integrity, or availability of Imagine Pediatrics systems and personnel.
• Ensure that security control initiatives are executed on schedule and in line with Imagine Pediatrics Information Security program objectives and corporate policies.
• Apply professional discretion and judgement when viewing sensitive and personal data or information in the process of conducting work.
• Other duties as assigned.

Benefits

• The role offers a base salary range of $140,000 - $160,000 in addition to annual bonus incentive, competitive company benefits package and eligibility to participate in an employee equity purchase program (as applicable).
• Competitive medical, dental, and vision insurance
• Healthcare and Dependent Care FSA; Company-funded HSA
• 401(k) with 4% match, vested 100% from day one
• Employer-paid short and long-term disability
• Life insurance at 1x annual salary
• 20 days PTO + 10 Company Holidays & 2 Floating Holidays
• Paid new parent leave
• Additional benefits to be detailed in offer