Sr. Cybersecurity Engineer
About DrFirst
For 25 years, DrFirst has empowered providers and patients to achieve better health through intelligent medication management. We improve healthcare workflows and help patients start and stay on therapy with end-to-end solutions that enhance prescription access, affordability, and adherence. Our solutions help 100 million patients a year and are used by more than 420,000 prescribers, 71,000 pharmacies, 270 EHRs and health information systems, and over 2,000 hospitals in the U.S. This is a great opportunity to be a part of a successful Healthcare IT company experiencing significant growth.
Position Overview
We are looking for engineers committed to advancing our security program for the benefit of our team, our customers, and the patients we serve. We are looking for a different kind of security engineer — a true engineer, not an analyst. You learn continuously and deploy often. You implement as fast as you learn, outpace your peers, and use Claude the way a top-tier engineer builds software — to accelerate delivery by offloading the repetitive and mundane. You believe results speak louder than words, and you are confident enough to show incremental progress quickly and course correct rapidly. That momentum compels you to do more — and you believe, correctly, that delivering results earns respect and reward.
What You Will Work On
Corporate Security Operations Inbox, questionnaires, VRAs, KnowBe4 training and phishing campaigns, onboarding/offboarding compliance, remote worker compliance, endpoint and allowlist controls, policy maintenance, Okta and corporate tool implementation, website and public domain compliance monitoring, data governance implementation
Production Alert Triage AWN, SentinelOne, Proofpoint, Splunk, AWS Security Hub, GCP Security Command Center, Tenable, Zscaler (ZIA/ZPA), endpoint software detection — triage, tuning, escalation to PSE1 (infrastructure) or PSE2 (customer incidents)
Audit Evidence Collection SOC 2 / HITRUST evidence for all controls mapping to your owned domains
PSE2 project manages; you own your evidence slice independently — April through June and August through September
Strategic initiatives you step into from day one
Data governance — retention policy framework in progress; drive implementation by data stream and category, coordinate purge processes across email and corporate data stores
De-identification service — service is built; drive production data through it to reduce PII/PHI retention exposure across relevant systems
Corporate Claude environment — own the security architecture, guardrails, and governance for non-engineering staff using Claude for automation and data access via MCPs
Experience Qualifications
Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or similar
5+ years in cybersecurity engineering or a closely related role
Hands-on operational experience with SIEM platforms, endpoint security, and cloud security tooling
Demonstrated experience with AWS and GCP security monitoring — Security Hub, GCP Security Command Center, GuardDuty, or equivalent
Background in SOC 2, HITRUST, or NIST 800-53; HIPAA/PHI environment experience preferred
Experience completing customer security questionnaires and VRAs at a senior level
Scripting or automation experience — Python, PowerShell, or Bash — applied to real operational problems
AI-Augmented Engineering — Non-Negotiable Daily, practical use of Claude or an equivalent LLM — not experimental, not occasional
Specific examples of AI measurably accelerating your output — with before/after context you can speak to in detail
Stack Experience — Preferred
Core Attributes
Owns it: Takes the domain, assesses what needs to happen, and makes it happen — without waiting to be told
Thinks in days: Sets aggressive timelines, consults stakeholders before committing, and closes — does not default to pushing target dates out when a few focused sessions would get it done
Earns influence: Gets other teams to prioritize security work through competency and credibility, not escalation
Systems thinker: Automates before accepting manual as the default; scripting or programming background applied to security problems
Communicates through output: Shows up to scrums with closed items and next actions — credibility comes from work that speaks for itself
Physical Requirements
90% Desk/phone work
10% Standing/moving throughout the office
Benefits
Competitive compensation, with a base salary of $130,000 - $150,000 (Exact compensation may vary based on skills and experience)
Company Performance-based Bonus Program, based on individual and company performance
Medical, dental, and vision insurance
401K eligible after 3 months of employment, with 50% company match up to first 5% of salary contributed to the plan with a 3-year vesting schedule
HSA for eligible employees enrolled in the HDHP, with a generous company contribution up to $500 for individual coverage and $1000 for family coverage per year
100% company-paid short and long-term disability, AD&D, and group life insurance
Accrued annual paid time off (PTO) of 18 days for the first 3 years of service, increasing thereafter and 7 paid holiday days
Employee Assistance Program
Continuing Education funds up to $1500 annually for eligible programs after 1 year of service
Voluntary benefits including FSA, Hospital indemnity, Accident and Critical Illness insurances