Remote Principal Engineer

Summary

Join SmithRx, a rapidly growing Health-Tech company, as we seek an experienced Principal Engineer, Cybersecurity to lead the design and implementation of our security capabilities across all technology platforms.

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience; advanced degree preferred
• 15+ years of experience in information security, with at least 2 years in a security architecture role. 12+ years OK with advanced degree
• Familiarity with known adversary tactics, techniques, and procedures, such as MITRE ATT&CK
• Proven experience in defining and implementing processes, workflows, and templates for security architecture
• Strong experience with regulatory and compliance requirements (e.g., HIPAA, SOC2, and privacy frameworks)
• Experience with cloud security and designing security solutions for complex, multi-cloud environments, particularly in AWS, Azure, or Google Cloud environments
• Proficiency in zero-trust, cloud security, application security, identity management, and data protection
• Relevant certifications such as CISSP, CISM, or CISA preferred

Responsibilities

• Develop and maintain the overarching cybersecurity product for SmithRx, ensuring alignment with security strategy, business goals, and regulatory requirements
• Lead security architecture reviews for new systems, platforms, and IT projects
• Define processes, workflows, and templates for security drive to standardize practices across the organization
• Lead the design and implementation of security controls across cloud and on-premise environments, ensuring the protection of sensitive data
• Collaborate with IT, DevOps, and Product teams to integrate security practices into the development lifecycle
• Provide expert guidance on secure system design, threat modeling, and risk assessment to IT and development teams
• Own, define, communicate, and drive the technical vision and product strategy for security capabilities
• Stay informed on emerging cybersecurity threats and best practices, integrating them into the company's security strategy
• Collaborate with legal and compliance teams to ensure adherence to industry regulations, including HIPAA
• Support and contribute to incident response efforts and provide guidance on remediation and recovery strategies
• Mentor, lead, and develop a team of cybersecurity and IT professionals, fostering a culture of security awareness and continuous improvement

Benefits

• Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, and Life Insurance and AD&D Insurance
• Flexible Spending Benefits
• 401(k) Retirement Savings Program
• Short-term and long-term disability
• Discretionary Paid Time Off
• 12 Paid Holidays
• Wellness Benefits
• Commuter Benefits
• Paid Parental Leave benefits
• Employee Assistance Program (EAP)
• Well-stocked kitchen in office locations
• Professional development and training opportunities