Senior Security Engineer
HealthDrive Corporation · Framingham, MA · 1 wk ago
Information Technology$85k–$115k/yrFull-time
Responsibilities
- Build, configure, deploy, and maintain security infrastructure — firewalls, MDM, identity platforms, email security, and cloud — using Fortinet (preferred), Microsoft Active Directory, Microsoft 365, and Azure; hands-on experience with comparable firewalls such as Palo Alto is transferable.
- Implement and manage cloud security controls in Microsoft Azure, focusing on identity and access management, network security, and data protection.
- Secure Network & Server Design : Partner hands-on with infrastructure teams to design and harden secure network and server configurations, including firewall, VPN, and access controls.
- Endpoint & Data Protection : Own and maintain the policy configuration for HealthDrive's Proofpoint platforms — Email Security, Email DLP, Endpoint DLP, and Data Security Posture Management (DSPM) tuning detection and prevention rules, triaging alerts, and refining controls to protect against phishing, malware, and data exfiltration.
- Vulnerability Management : Conduct regular vulnerability assessments using tools such as SecureWorks or Qualys, and coordinate remediation efforts with IT teams.
- Incident Response : Lead incident detection, investigation, containment, and recovery in collaboration with internal teams and external partners and operationalize threat intelligence to inform detection and response priorities.
- Security Automation : Develop scripts in PowerShell, Python, or Bash to automate routine security tasks and improve operational efficiency.
- Third-party Risk Management : Own and drive HealthDrive’s Third-Party Risk Management (TPRM) program end to end, including inbound and outbound security-questionnaire processes — assessing vendor and partner security posture, maintaining the vendor risk-scoring framework, responding to security assessments HealthDrive receives from partners and payers, and managing ongoing third-party risk in line with HIPAA and HealthDrive’s data-protection obligations.
- Compliance & Risk Management : Ensure adherence to HIPAA and other regulatory requirements through policy enforcement and risk-mitigation strategies.
- Documentation & Training : Maintain detailed documentation of security configurations and procedures and provide guidance to business and IT staff on security best practices.
- Security Awareness Training : Manage HealthDrive's security awareness training program — building and scheduling campaigns and phishing simulations, tracking completion and results, and reporting on workforce risk to IT leadership.
- Collaboration With MSSP : Serve as liaison with HealthDrive’s Managed Security Service Provider to ensure effective threat monitoring and response.
Qualifications
- Infrastructure-focused security engineering background, able to both set strategy and execute hands-on.
- Deep understanding of network security fundamentals (TCP/IP, DNS, routing, firewalls).
- Hands-on experience with enterprise-grade firewalls and network security tools.
- Proficiency in Microsoft Active Directory and Azure Active Directory (Microsoft Entra ID).
- Strong knowledge of Azure cloud security best practices.
- Experience with endpoint protection and data loss prevention (DLP) technologies , preferably Proofpoint tools .
- Experience leading or running third-party risk / vendor security assessment processes.
- Excellent problem-solving, communication, and collaboration skills, with the ability to work both independently and across cross-functional teams.
- Nice To Have : Microsoft Intune (MDM). Scripting with PowerShell, Python, or Bash. SIEM / XDR platforms such as Microsoft Sentinel or SecureWorks; experience with comparable platforms is transferable. Experience working with MSSPs and vulnerability detection and response platforms. Knowledge of healthcare compliance standards (HIPAA, HITECH). Experience managing security awareness training . Experience with Okta MFA configuration.