Senior Corporate Security Engineer

April 5

SmithRx

WebsiteLinkedInAll Job Openings

SmithRx is a tech-forward PBM committed to changing the way pharmacy benefits are managed.

Healthcare • Pharmaceuticals • Healthcare IT • Pharmacy Benefit Management • Pharmacy Benefits Management

51 - 200

💰 $20M Series B on 2022-03

Description

• Advise on security best practices to IT personnel on design, implementation, and maintenance of secure systems and networks, including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices. • Develop, deploy and manage tools to secure and monitor corporate assets including ownership of Endpoint Detection & Response (EDR) and Data Loss Prevention (DLP). • Review security measures, policies, and procedures to protect systems and networks against unauthorized access, data breaches, and other security incidents from the Legal and Compliance teams. Monitor and analyze security logs and events, and be available to advise on security incidents in a timely manner. • Collaborate with cross-functional teams to ensure that security requirements are incorporated into corporate security processes/procedures/measures. • Provide technical expertise and guidance to IT teams to ensure that security controls are effectively implemented and maintained. • Stay updated on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture. • Participate in incident response activities, including investigation, containment, and recovery efforts, as needed. (During business hours: this is not an on-call position.) • Provide training and awareness programs to educate employees and users about CorpSec security best practices and procedures.

Requirements

• 5+ years of experience in Security Engineering or AppSec Engineering. • Strong knowledge of CorpSec principles, best practices, and industry standards, such as CIS/NIST Critical Security Controls. • Experience in SOC2 or HIPAA security audits and compliance • Hands-on experience with some corporate security tooling, such as firewalls, IDS/IPS, SIEM, DLP, antivirus, vulnerability management & scanning tools, etc. • Excellent analytical, problem-solving, and troubleshooting skills. • Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders. A risk-based approach to prioritization, rather than checkbox ticking • Experience with identity management: TKTK and current identity management best practices

Benefits

• Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, and Life Insurance and AD&D Insurance • Flexible Spending Benefits • 401(k) Retirement Savings Program • Short-term and long-term disability • Discretionary Paid Time Off • 12 Paid Holidays • Wellness Benefits • Commuter Benefits • Paid Parental Leave benefits • Employee Assistance Program (EAP) • Well-stocked kitchen in office locations • Professional development and training opportunities