Staff Information Security Engineer

Summary

Join N-Power Medicine as a Staff Information Security Engineer and play a crucial role in designing, implementing, and optimizing security solutions to protect critical systems and sensitive patient data. Reporting to the Senior Manager, Security & Privacy, you will ensure compliance with industry regulations and mitigate cybersecurity risks. This remote position within the United States requires deep expertise in cloud security, security architecture, and risk management within a healthcare environment. You will be responsible for designing security controls, conducting threat modeling, performing vulnerability scans, and leading incident response efforts. Collaboration with cross-functional teams and the development and maintenance of security policies are key aspects of this role. N-Power Medicine offers a competitive salary, equity, a discretionary annual bonus, and company benefits.

Requirements

• 8+ years experience in Information Security with a focus on healthcare security solutions
• BS/BA, Computer Science, Cybersecurity, or equivalent relevant experience
• Strong knowledge of HIPAA, HITRUST, ISO 27001, NIST, and other healthcare security regulations
• Experience configuring and managing security technologies such as SIEM, EDR, firewalls, IDS/IPS, and cloud security tools
• Strong understanding of cryptographic principles, IAM, and endpoint security
• Expertise in securing cloud environments (AWS preferred) and in-house developed software applications
• Hands-on experience with DevSecOps practices and secure SDLC methodologies
• Strong interpersonal and communication skills with ability to effectively collaborate with cross-functional teams is a must
• Generous, Curious, and Humble

Responsibilities

• Design, implement, and manage security controls in accordance with HIPAA, HITRUST, ISO 27001, NIST, and other industry-standard security frameworks to protect N-Power systems and sensitive data
• Conduct periodic threat modeling and security risk assessments to identify and remediate security risks
• Perform vulnerability scans for N-Power Medicine systems and software and apply patches and upgrades as required
• Coordinate and oversee the execution of regular third-party penetration testing efforts and lead remediation for identified findings
• Support N-Power’s security audits through preparation of evidence, participation in interviews with auditors, and remediation of audit findings
• Lead security incident response efforts, including detection, containment, investigation, root cause analysis, and remediation of security incidents
• Implement continuous monitoring, threat intelligence and alerting through implementation and oversight of log aggregation and security information and event management (SIEM) solutions
• Collaborate with Data & Technology, Quality, and IT teams to integrate security requirements and best practices into in-house developed software products, data platforms, and proof of concept initiatives
• Integrate security best practices into CI/CD pipelines and conduct secure code reviews
• Develop and maintain security policies, procedures, and technical documentation
• Evaluate and recommend security technologies, tools, and practices to continuously enhance the organization’s security posture
• Assess and monitor the security posture of third-party vendors and partners
• Provide guidance and training to internal teams to promote a strong security culture
• Develop and enforce security configurations for firewalls, IDS/IPS, SIEM, and endpoint protection platforms
• Develop and test strategies to support high availability, business continuity, and disaster recovery of key platforms, tools and sensitive data

Preferred Qualifications

Relevant certifications such as CISSP, CISM, CISA, CEH, etc

Benefits

• Remote work within the United States
• Expected salary range for this position is $145,000 and $183,000
• Equity at hire
• Discretionary annual bonus which may be available based on Company performance
• Company benefits
• 401K plan
• Other great company “perks”