Senior Information Security Engineer

Summary

Join Modernizing Medicine (ModMed) as a Senior Security Engineer and play a critical role in driving the security engineering program. You will serve as a subject matter expert and liaison between security and the business, providing technical leadership in securing applications and infrastructure. Responsibilities include collaborating with system owners, leading and mentoring team members, facilitating the identification and implementation of new controls, and making tactical decisions related to control prioritization. This role requires extensive experience in IT security, specifically as an Information Systems Security Officer, and expertise in applying NIST standards. ModMed offers a competitive benefits package, including comprehensive medical, dental, and vision benefits, 401(k) matching, generous paid time off, life and disability insurance, professional development opportunities, and a supportive work environment.

Requirements

• Minimum of 7 years’ experience in IT Security field
• Minimum of 5 years’ experience as an Information Systems Security Officer or similar role
• Ability to create, implement and maintain security plans for information systems and mentor both security team members and risk constituents in the practical application of NIST 800-18 Guide for Developing Security Plans for Federal Information Systems, the NIST Cyber Security Framework or similar industry standards
• Highly capable of practical application and mentoring others in the practical application of the NIST 800-53 Security and Privacy Controls for Information Systems
• Strong project management skills with significant experience in facilitating the selection and implementing information system controls; Plan of Action and Milestone Completion and oversight of ongoing activities related to system security plans such as ensuring that risk assessments, Information System Contingency Plans, Disaster Recovery tests and other plan activities are performed
• Expert in facilitating and advising ISSOs in the execution of their job functions in a matrixed organization
• Ability to effectively translate policies into technical requirements and back again

Responsibilities

• Collaborate with System Owners, the CISA, Information System Architects and System ISSOs to create, refine, and implement technical requirements
• Ownership of Security Engineering Program Management and metrics
• Lead and mentor Information Security team members, including technical members of the existing team and one or more mid-level ISSO liaisons in the future, in the execution of the duties of an ISSO Liaison
• Responsible for facilitating the identification of new controls to be implemented and, in some cases, leading the implementation process
• Responsible for making tactical decisions related to the prioritization and implementation of new controls and measures designed to close control gaps

Benefits

• Comprehensive medical, dental, and vision benefits, including a company Health Savings Account contribution
• 401(k):  ModMed provides a matching contribution each payday of 50% of your contribution deferred on up to 6% of your compensation. After one year of employment with ModMed, 100% of any matching contribution you receive is yours to keep
• Generous Paid Time Off and Paid Parental Leave programs
• Company paid Life and Disability benefits, Flexible Spending Account, and Employee Assistance Programs
• Company-sponsored Business Resource & Special Interest Groups that provide engaged and supportive communities within ModMed
• Professional development opportunities, including tuition reimbursement programs and unlimited access to LinkedIn Learning
• Global presence and in-person collaboration opportunities; dog-friendly HQ (US), Hybrid office-based roles and remote availability for some roles
• Weekly catered breakfast and lunch, treadmill workstations, Zen, and wellness rooms within our BRIC headquarters