Remote Senior Cybersecurity Engineer

Summary

Join Evergreen Nephrology as a Senior Cybersecurity Engineer and play a critical role in protecting the company's cloud-based systems, network devices, and endpoints. As a key member of the security team, you will be responsible for developing and implementing comprehensive security solutions, leading incident response activities, and collaborating with stakeholders to ensure compliance with regulatory requirements.

Requirements

• Demonstrated ability to lead and mentor security team members, fostering continuous improvement and collaboration
• Highly entrepreneurial spirit with a 'make it happen' attitude
• High degree of emotional intelligence, competence, maturity, adaptability, resilience, integrity, and initiative
• Exceptional interpersonal skills and the ability to collaborate effectively with executives, managers, and team members across various departments, fostering a positive and productive work environment
• Ability to communicate a security strategy to both technical and non-technical audiences
• Bachelor's Degree in Computer Science, Information Security, or a related field
• A minimum of 7 years of experience in cybersecurity
• Proven understanding of healthcare privacy and security practices, with knowledge of regulations such as HIPAA, HITECH, HITRUST, NIST, and PCI DSS (ideal)
• Certification in one or more of the following: CompTIA Sec+, CYSA, CEH, CISSP, CISM, CISA, CCSP, Azure Fundamentals, GCIH, GCFA
• Strong technical foundation in security technologies and tools, such as DLP, SIEM, Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions, Azure Cloud Security, Intune, Defender, Entra, Conditional Access Policies, and Endpoint Controls
• Demonstrated proficiency in leveraging the security capabilities of Microsoft Azure and Office 365 to protect sensitive data, ensure compliance, and mitigate risks
• Knowledge of cybersecurity frameworks such as NIST, HITRUST, CIS, HIPAA, PCI
• Experience creating scripts and automating processes
• Strong incident response skills, including computer intrusion investigations and digital forensics in enterprise environments
• Excellent organization, planning, time management, project coordination, and project management skills
• Strong analytical and problem-solving skills

Responsibilities

• Function as the primary custodian of Evergreen Nephrology's critical assets and information systems
• Support and enhance the Information Security program, overseeing the protection and monitoring of Evergreen’s cloud-based systems, network devices, and endpoints
• Address security incidents and vulnerabilities to mitigate risks
• Partner with the Sr. Director of Information Security to develop and implement security strategies, ensuring the confidentiality, integrity, and availability of Evergreen’s cloud infrastructure on Azure and Office 365 platforms
• Mentor and coach more junior team members while also providing guidance and support in their professional development and daily tasks
• Work within our security team to develop, engineer, and maintain comprehensive security solutions for Evergreen’s Azure and Office 365 environments
• Lead the strategy and ongoing enhancement of the configuration and management of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions
• Develop and harmonize sustainable security strategies that significantly strengthen Evergreen’s overall security posture and ensure compliance with all relevant regulatory and industry requirements
• Implement and manage a comprehensive suite of technical security controls and tools, including but not limited to Azure monitoring and alerts, endpoint protection, firewalls, routers, switches, Azure AD, group policies, and conditional access policies
• Continuously monitor Evergreen's cloud environments for security threats and vulnerabilities. Promptly respond to and remediate any incidents, minimizing potential impact and ensuring the ongoing security and integrity of Evergreen’s information systems and assets
• Collaborate with the Security Team and Sr. Information Security Director to develop incident response playbooks
• Take a proactive role in all phases of security incident response activities, including triage, containment, eradication, and recovery, when necessary
• Collaborate closely with the Sr. Director of Information Security and key business units to develop and maintain a comprehensive Data Loss Prevention (DLP) strategy
• Develop and implement standardized, secure configurations for all endpoints, network devices, and applications
• Ensure that all security tools, including but not limited to Zscaler, Sentinel One, SIEM, O365, Abnormal, and Absolute, are properly configured and aligned with the policies and standards outlined in Evergreen's Information Security Policy
• Perform periodic vulnerability scans to ensure all endpoints, firewalls, and network devices are running the latest security patches
• Develop well-informed security recommendations and solutions in collaboration with the Sr. Director of Information Security, key stakeholders and business units
• Work closely with the Sr. Director of Information Security to pinpoint security loopholes, vulnerabilities, inefficiencies, and areas for enhancement
• Integrate advanced security tools, AI, and automation strategies to enhance Evergreen's ability to effectively detect, respond, and recover from security incidents
• Collaborate with the Sr. Director of Information Security to make strategic decisions regarding the procurement, consolidation, and implementation of new security tools and technologies
• Conduct thorough proof-of-concept evaluations to ensure selected solutions effectively address Evergreen's security requirements and integrate seamlessly with existing infrastructure
• Develop, maintain, and regularly update all relevant documentation, including security policies, procedures, standards, and diagrams
• Proactively stay informed about the latest security threats, vulnerabilities, and industry trends

Benefits

• Competitive base pay with bonuses
• Paid time off starting at four weeks for full-time employees
• 12 paid holidays per year
• Reimbursement for continuing medical education
• 401k with match
• Health, dental, and vision insurance