Come join a winning team! Here at Imprivata youll see a dedicated group of professionals who care about improving health care. Our team thrives on collaboration and sharing ideas, whether in a cross-functional meeting or at one of our virtual team-building events.
While we're diverse in our backgrounds and skills, we have much in common. A passion for our mission. A strong sense of integrity. A belief that we're making a positive impact and a commitment to having fun.
We are seeking a Senior IT Security Engineer to join our team.
The Senior IT Security Engineer is responsible for assessment, architecture, implementation, and support of information security systems, operations, and procedures. The Senior IT Senior Engineer is an operating position that also has input on the strategic direction of the company. This role will play a key part in implementing our overall risk management framework, which is being designed to keep velocity high while always balancing critical security needs.
The Senior IT Senior Engineer will work on security operational projects across the traditional IT framework as well as working with each part of the business on their specific needs and having a stake in customer-facing applications. This position will be asked to provide input across both long term strategies and shorter-term planning. Regular monitoring and testing procedures will be led by this position.
Duties and Responsibilities
- Data Governance: Design/update/implement and monitor data governance standards and services not only for the current Imprivata but our future technical environment.
- Security Audit: Technically lead and assist in the improvement of all rigorous third-party security and risk assessment programs.
- Security Framework: Lead technical efforts around the adoption, assessment, and continuous improvement of our evolving security framework requirements including aspects of HiTrust, ISO27001 and all other business requirements.
- Security Monitoring: Lead technical efforts designed to ensure business alignment with all security policies/procedures
- Risk Assessment: Lead technical efforts around design, test and implementation of risk assessment processes and programs including threat hunting and real time investigations/alerting.
- Security Compliance Education: Assist in the development and improvement of our security education initiatives.
- Responsible for security event analysis, triage, escalation, and process design.
- Responsible scripting/automation of tasks
- Responsible for vulnerability scanning/reporting
- Leads and supports day today security operations
- Leads incident response events
- May perform basic system/platform auditing
- Provide technical guidance in software engineering environment technology domains to help Imprivata stay on the leading edge of technology.
- Create and review requirements; assist in design, development, and maintenance of Information Security technologies.
- Lead evaluation and review of business technologies including suite of tools both in the cloud and on premise.
- Tier 1 & 2 level of escalation for important and varied issues
- Solid understanding and experience with traditional business technologies and foundational execution skills and specific areas of technical depth.
- Solid resource for all of our offices and off-shore development teams as well as providing mid-level support to our software development teams
- Job requires evening and weekend work. Some travel to be expected. Includes participation in an on-call rotation.
- SaaS Security Design: Significant experience particularly around the audit and security design for SaaS services hosting sensitive customer information is essential.
- Security Monitoring/Alerting: Lead design/implementation/improvement exercises around our security monitoring & alerting program to include implementation of a SIEM focused on threat hunting, compromise assessment, continuous breach assessment, incident response, real-time alerting, and alert validation processes.
- Compliance Monitoring: Assess and improve existing security monitoring compliance processes to include all endpoints, servers, services, and network services.
- Tool Assessment: Significant experience evaluating and selecting security tools based on a standard criteria is essential.
- Bachelors degree in Computer Science or related experience
- 7+ years of experience progressively advancing experience in IT Security including:
- Hands-on security operational experience and experience with Firewalls, Antivirus, WIFI, and VPN technologies
- Security design including international challenges across cloud and on-premise
- Security incident response experience
- Experience leading or participating in major security process initiatives
- Experience with security process compliance
- Experience with security risk management standards across standard frameworks such as NIST, ISO27001
- Active Directory and Microsoft suite experience a plus.
- Experience working in software engineering and healthcare a plus
- Experience working with the following tools is a plus: Checkpoint, ASA, Crowdstrike, Digital Guardian is a plus
- Project Management experience is essential
- Strong written and verbal communication skills. Able to communicate across multiple levels of an organization and influence.
- Strong prioritizing capabilities.
- Ability to work independently.
- Extensive experience in implementing and supporting cloud-based security technologies.
- Advanced Information Security Framework and Compliance knowledge (NIST, ISO, SOC2)
- Advanced technical expertise with scripting languages and automation tools.
- Team player someone who is as interested in others success as your own with a passion for providing world-class service.
At Imprivata, we have a top-notch work environment, developmental opportunities, a competitive total rewards package, and the desire to have fun. If you have the skills and qualifications as we have described above, we want to hear from you!
Imprivata provides equal employment opportunities to minorities, females, veterans, and disabled individuals, as well as other protected groups.