Position Overview
We're seeking a proactive Cybersecurity Engineer to strengthen our security posture across audit compliance, cloud infrastructure, corporate security support, and AI-driven security initiatives. This role requires deep technical expertise, project management skills, and the ability to collaborate effectively across teams.
Who will love this job
- An Innovator: who thinks outside the box to introduce new methods, ideas, and products
- A Problem solver: who is passionate about using technology to solve complicated problems, and harnessing the power of data to adopt new tactics to enhance efficiency and scalability
- A Team builder: who enjoys coaching developers, product owners and other security team members in understanding security principles; attracting and retaining A-players
- A Trusted advisor: someone with strong leadership acumen who always strives to do better tomorrow than today, and to continuously improve DrFirst's security program
- A Driver: who works with purpose and passion; someone who will elevate our technical teams through new perspectives, ideas, and solutions
- A Collaborator: who can bring internal teams together to deliver best-in-class products contributing to DrFirst’s market share and profitability targets.
What you will work on
Audit Leadership (25%)
- Work with cross-org stakeholders to implement and monitor AI-specific controls based on NIST AI 600 and HITRUST AI Certification
- Lead evidence collection for certified audits using security read-only access to production systems
- Coordinate with departmental subject matter experts to ensure timely audit completion
- Apply technical expertise to streamline audit processes and maintain compliance
Cloud Security & Monitoring (25%)
- Conduct internal audits of AWS and GCP configurations for security compliance
- Recommend cloud settings to optimize security and operational efficiency
- Fine-tune security alerts to minimize false positives and maximize actionable intelligence
Corporate Security Support (25%)
- Complete customer security questionnaires promptly and accurately
- Maintain current knowledge of product security controls and changes
- Develop and maintain NIST 800-53 control frameworks for proactive customer sharing
- Execute Vendor Risk Assessments (VRAs) with focus on emerging trends and preferred vendor guidance
AI Security Program Development (25%)
- Monitor AI-driven security developments and implementation best practices
- Understand evolving AI security governance frameworks and compliance requirements
- Implement AI security monitoring systems and respond to compliance alerts
Qualifications
Technical Skills
- Deep expertise in AWS and GCP security configurations
- Strong understanding of NIST 800-53 and security compliance frameworks
- Experience with security monitoring tools and alert management
- Scripting abilities for automation (Python, PowerShell, or similar)
Core Competencies
- Exceptional critical thinking and problem-solving skills
- Proven project management experience from concept to implementation
- Strong cross-functional collaboration and influence skills
- Detail-oriented with ability to manage competing priorities
- Professional judgment to focus on high-impact activities
Experience Requirements
- 5+ years in cybersecurity engineering or related field
- Experience with certified security audits (SOC 2, ISO 27001, HITRUST)
- Background in cloud security architecture and monitoring
- Track record of process improvement and automation initiatives
Preferred Qualifications
- Security certifications (CISSP, CCSP, AWS Security, GCP Security)
- Experience with AI/ML security frameworks
- Background in vendor risk assessment processes
- Previous experience in customer-facing security communications
Physical Requirements
- 90% Desk/phone work
- 10% Standing/moving throughout the office
Benefits
- Competitive compensation, with a base salary of $130,000 - $150,000 (Exact compensation may vary based on skills and experience)
- Eligible for Company Performance-based Bonus Program, based on individual and company performance
- Medical, dental, and vision insurance
- 401K eligible after 3 months of employment, with 50% company match up to first 5% of salary contributed to the plan with a 3-year vesting schedule
- HSA for eligible employees enrolled in the HDHP, with a generous company contribution up to $500 for individual coverage and $1000 for family coverage per year
- 100% company-paid short and long-term disability, AD&D, and group life insurance
- Accrued annual paid time off (PTO) of 18 days for the first 3 years of service, increasing thereafter, plus 7 paid holiday days
- Employee Assistance Program
- Continuing Education funds up to $1500 annually for eligible programs after 1 year of service
- Voluntary benefits including FSA, Hospital indemnity, Accident and Critical Illness insurances