Senior Security Engineer
Indexed description
About The Role:
The Senior Security Engineer is a hands-on, implementation-focused role responsible for protecting HealthDrive’s sensitive patient data and strengthening security across on-premises and Microsoft Azure environments. This engineer builds, configures, and operates security controls , including firewalls, endpoint and email protection, cloud security, and vulnerability management , while leading incident detection, investigation, and response. Working closely with IT leadership and HealthDrive’s Managed Security Service Provider (MSSP), the engineer also manages the third-party risk process from end to end. This is primarily a technical build-and-operate role, not a policy or oversight position.
Work Environment:
Based at HealthDrive’s Framingham, MA office (off Route 9, near Routes 90 and 495) on a hybrid schedule.
Compensation Range:
$85,000 to $115,000 / experience dependent
#INDHDCORPREC
Responsibilities
Security infrastructure management :
Build , configure, deploy, and maintain security infrastructure — firewalls, MDM, identity platforms, email security, and cloud — using Fortinet (preferred), Microsoft Active Directory, Microsoft 365, and Azure; hands-on experience with comparable firewalls such as Palo Alto is transferable.
Cloud Security :
Implement and manage cloud security controls in Microsoft Azure, focusing on identity and access management, network security, and data protection.
Secure Network & Server Design :
Partner hands-on with infrastructure teams to design and harden secure network and server configurations, including firewall, VPN, and access controls.
Endpoint & Data Protection :
Own and maintain the policy configuration for HealthDrive's Proofpoint platforms — Email Security, Email DLP, Endpoint DLP, and Data Security Posture Management ( DSPM) tuning detection and prevention rules, triaging alerts, and refining controls to protect against phishing, malware, and data exfiltration.
Vulnerability Management :
Conduct regular vulnerability assessments using tools such as SecureWorks or Qualys, and coordinate remediation efforts with IT teams.
Incident Response :
Lead incident detection, investigation, containment, and recovery in collaboration with internal teams and external partners and operationalize threat intelligence to inform detection and response priorities.
Security Automation :
Develop scripts in PowerShell, Python, or Bash to automate routine security tasks and improve operational efficiency.
Third-party Risk Management :
Own and drive HealthDrive’s Third-Party Risk Management (TPRM) program end to end, including inbound and outbound security-questionnaire processes — assessing vendor and partner security posture, maintaining the vendor risk-scoring framework, responding to security assessments HealthDrive receives from partners and payers, and managing ongoing third-party risk in line with HIPAA and HealthDrive’s data-protection obligations.
Compliance & Risk Management :
Ensure adherence to HIPAA and other regulatory requirements through policy enforcement and risk-mitigation strategies.
Documentation & Training :
Maintain detailed documentation of security configurations and procedures and provide guidance to business and IT staff on security best practices.
Security Awareness Training :
Manage HealthDrive's security awareness training program — building and scheduling campaigns and phishing simulations, tracking completion and results, and reporting on workforce risk to IT leadership.
Collaboration With MSSP :
Serve as liaison with HealthDrive’s Managed Security Service Provider to ensure effective threat monitoring and response.
Qualifications
Must have :
- Infrastructure-focused security engineering background, able to both set strategy and execute hands-on.
- Deep understanding of network security fundamentals (TCP/IP, DNS, routing, firewalls).
- Hands-on experience with enterprise-grade firewalls and network security tools.
- Proficiency in Microsoft Active Directory and Azure Active Directory (Microsoft Entra ID).
- Strong knowledge of Azure cloud security best practices.
- Experience with endpoint protection and data loss prevention (DLP) technologies , preferably Proofpoint tools .
- Experience leading or running third-party risk / vendor security assessment processes.
- Excellent problem-solving, communication, and collaboration skills, with the ability to work both independently and across cross-functional teams.
- Microsoft Intune (MDM).
- Scripting with PowerShell, Python, or Bash.
- SIEM / XDR platforms such as Microsoft Sentinel or SecureWorks; experience with comparable platforms is transferable.
- Experience working with MSSPs and vulnerability detection and response platforms.
- Knowledge of healthcare compliance standards (HIPAA, HITECH).
- Experience managing security awareness training .
- Experience with Okta MFA configuration.
- Bachelor’s degree in Cybersecurity, Computer Science, or a related field.
- Approximately 10+ years of security engineering experience, with demonstrated depth in infrastructure and cloud security.
Core Competencies :
- Communication
- Cooperation and Team working
- Adaptability
- Expertise and Professionalism
- Problem Solving / Analysis
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search