Jobs · Information Technology · Massachusetts

Senior Security Engineer

HealthDrive Corporation · Framingham, MA · 1 wk ago
Information Technology$85k–$115k/yrFull-time

Responsibilities

  • Build, configure, deploy, and maintain security infrastructure — firewalls, MDM, identity platforms, email security, and cloud — using Fortinet (preferred), Microsoft Active Directory, Microsoft 365, and Azure; hands-on experience with comparable firewalls such as Palo Alto is transferable.
  • Implement and manage cloud security controls in Microsoft Azure, focusing on identity and access management, network security, and data protection.
  • Secure Network & Server Design : Partner hands-on with infrastructure teams to design and harden secure network and server configurations, including firewall, VPN, and access controls.
  • Endpoint & Data Protection : Own and maintain the policy configuration for HealthDrive's Proofpoint platforms — Email Security, Email DLP, Endpoint DLP, and Data Security Posture Management (DSPM) tuning detection and prevention rules, triaging alerts, and refining controls to protect against phishing, malware, and data exfiltration.
  • Vulnerability Management : Conduct regular vulnerability assessments using tools such as SecureWorks or Qualys, and coordinate remediation efforts with IT teams.
  • Incident Response : Lead incident detection, investigation, containment, and recovery in collaboration with internal teams and external partners and operationalize threat intelligence to inform detection and response priorities.
  • Security Automation : Develop scripts in PowerShell, Python, or Bash to automate routine security tasks and improve operational efficiency.
  • Third-party Risk Management : Own and drive HealthDrive’s Third-Party Risk Management (TPRM) program end to end, including inbound and outbound security-questionnaire processes — assessing vendor and partner security posture, maintaining the vendor risk-scoring framework, responding to security assessments HealthDrive receives from partners and payers, and managing ongoing third-party risk in line with HIPAA and HealthDrive’s data-protection obligations.
  • Compliance & Risk Management : Ensure adherence to HIPAA and other regulatory requirements through policy enforcement and risk-mitigation strategies.
  • Documentation & Training : Maintain detailed documentation of security configurations and procedures and provide guidance to business and IT staff on security best practices.
  • Security Awareness Training : Manage HealthDrive's security awareness training program — building and scheduling campaigns and phishing simulations, tracking completion and results, and reporting on workforce risk to IT leadership.
  • Collaboration With MSSP : Serve as liaison with HealthDrive’s Managed Security Service Provider to ensure effective threat monitoring and response.

Qualifications

  • Infrastructure-focused security engineering background, able to both set strategy and execute hands-on.
  • Deep understanding of network security fundamentals (TCP/IP, DNS, routing, firewalls).
  • Hands-on experience with enterprise-grade firewalls and network security tools.
  • Proficiency in Microsoft Active Directory and Azure Active Directory (Microsoft Entra ID).
  • Strong knowledge of Azure cloud security best practices.
  • Experience with endpoint protection and data loss prevention (DLP) technologies , preferably Proofpoint tools .
  • Experience leading or running third-party risk / vendor security assessment processes.
  • Excellent problem-solving, communication, and collaboration skills, with the ability to work both independently and across cross-functional teams.
  • Nice To Have : Microsoft Intune (MDM). Scripting with PowerShell, Python, or Bash. SIEM / XDR platforms such as Microsoft Sentinel or SecureWorks; experience with comparable platforms is transferable. Experience working with MSSPs and vulnerability detection and response platforms. Knowledge of healthcare compliance standards (HIPAA, HITECH). Experience managing security awareness training . Experience with Okta MFA configuration.

Similar jobs

Senior Security Engineer

Zermount, Inc.United States· 1 mo ago
RemoteInformation Technologyapply on zermount.isolvedhire.com

Senior Security Engineer

IrriWatchCarlsbad, CA· 2 mo ago
Information Technology$160k–$180k/yrapply on careers.hydrosat.com