Senior IT Security Engineer
About Sequel
Sequel, headquartered in Manchester, New Hampshire, is a company developing the next generation of transformative drug-delivery advancements, starting with diabetes. Sequel’s flagship product, the twiist Automated Insulin Delivery (AID) System, was launched in July 2025 for people with type 1 diabetes.
Job Overview
The Sr. IT Security Engineer is a hands-on technical leader responsible for executing and continuously improving Sequel’s security operations program. This role plays a key part in protecting the organization’s systems, data, and users by managing day-to-day security operations, responding to risks, and strengthening core security capabilities.
Job Responsibilities And Essential Duties
Security Strategy, Roadmap & Program Leadership
Execute and support ongoing security operations aligned with Sequel’s security priorities and roadmap
Translate security findings, alerts, and audit requirements into actionable remediation plans
Proactively monitor the evolving threat landscape and regulatory environment; assess their impact on Sequel's security posture and bring forward-looking recommendations before they become reactive obligations
Contribute to investment and business-case discussions by articulating risk-reduction value, projected outcomes, and cost framing in terms leadership can act on
Partner with IT and Security & Compliance to implement security initiatives and enhancements
Vulnerability & Patch Management
Manage the vulnerability lifecycle, including scanning, triage, prioritization, and remediation tracking
Drive recurring patch cycles in coordination with IT operations; champion timely remediation of high-severity findings and validate that fixes close the underlying vulnerability, not just the ticket
Track and report on vulnerability metrics, trends, and SLA adherence
SIEM Operations, Incident Response & Platform Maturity
Monitor, triage, and investigate alerts across SIEM and Microsoft Defender tools (Defender for Endpoint, Defender for Cloud Apps, Defender for Identity)
Lead end-to-end incident response, including containment, investigation, root cause analysis
Communicate status and findings to security leadership
Own SIEM platform maturity: build and tune detection rules, develop response automation and playbooks, expand log and data-source coverage, and continuously reduce alert noise and analyst fatigue
Define, track, and present response metrics — MTTD, MTTR, alert volume, false-positive rates — and use trend data to prioritize tuning and platform investment decisions
Risky User & Risky Device Remediation
Identify, investigate and remediate risky users and devices across Microsoft Entra and Defender tools
Support Conditional Access and device compliance policies
Partner with IT to address identity risks and improve overall security posture
Security Policy & Data Protection Administration (Microsoft Purview & DLP)
Administer Microsoft 365 security and data protection solutions, including Purview DLP, sensitivity labeling, retention policies, data lifecycle management, and defensible deletion
Maintain and update security configurations and documentation in response to evolving business and compliance feedback
Assess current data-protection coverage and recommend policy enhancements aligned to the compliance roadmap
Security Awareness & Training Program
Support the execution of the security awareness program, including phishing simulations and training campaigns (KnowBe4)
Analyze simulation results, assess the threat landscape, and provide recommendations on training content and simulation difficulty to keep improve training program outcomes
Audit & Compliance Execution
Support audit readiness activities, including evidence collection and control execution (e.g., SOC 2, HITRUST) in the GRC platform (Vanta)
Maintain documentation and drive remediation of audit findings; partner with the Senior Manager, Security & Compliance to ensure audit readiness is maintained
Partner with Security & Compliance to ensure controls are operating effectively
Documentation, Metrics & Reporting
Maintain runbooks, standard operating procedures, and security workflow documentation sufficient for audit evidence and operational continuity
Track and report security and compliance metrics and related platforms; deliver leadership-ready reporting on a regular cadence
Contribute to board- and executive-level security reporting by providing clear, data-backed summaries of program status, risk posture, and progress against roadmap milestones
Cross-Functional Collaboration
Partner with IT, Legal, and People & Culture to align security practices with business and regulatory needs
Provide security guidance on IT projects, configurations, and change requests
Minimum Requirements
7+ years in security engineering, security operations, or a closely related discipline, with at least 4 years of hands-on ownership of security operations or incident response programs
Demonstrated experience contributing to or owning a security roadmap or program maturity initiative — helping define what the program should accomplish next and building the case for it
Hands-on experience with vulnerability management and incident response
Experience with SIEM tools and Microsoft security ecosystem (Defender, Entra, Purview)
Exposure to security and compliance frameworks (SOC 2, HITRUST, or similar)
Experience supporting audits, including evidence collection and remediation
Ability to work independently and manage multiple priorities
Strong communication skills with both technical and non-technical stakeholders
Preferred Qualifications
Candidate must reside in the contiguous United States and work East Coast hours
$100,000 - $165,000 a year
Company Values
Sequel Med Tech provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. At Sequel, we believe that when you thrive, we thrive. That’s why our benefits package is designed to support you from day one.
Benefits
Automatic enrollment in 401k plan with a 6% company match and 100% immediate vesting
Capped out-of-pocket insulin costs and GLP-1 coverage across all plans
Access to a variety of Meritain health insurance plans
Flexible PTO, generous paid holidays, and Flex Time options
Employer-paid short-term disability and life insurance
Comprehensive benefits package including vision and dental coverage, and voluntary options such as long-term disability, accident, critical illness, hospital indemnity, and discounts for pet care
Environmental/Safety/Physical Work Conditions
Ensures environmental consciousness and safe practices are exhibited in decisions
Use of computer and telephone equipment and other related office accessories/devices to complete assignments
May work extended hours during peak business cycles
Physical requirements such as lifting specific weights
Some travelling is expected