Senior Security Engineer

Healthdrive Corporation

$85K — $115K *
Healthcare
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 5-10 years of security engineering experience with a focus on infrastructure and cloud security.
  • Deep knowledge of network security fundamentals including TCP/IP, DNS, routing, and firewalls.
  • Hands-on experience with enterprise-grade firewalls like Fortinet or Palo Alto.
  • Proficiency in Microsoft Active Directory and Azure Active Directory.
  • Strong understanding of Azure cloud security best practices.
  • Experience with endpoint protection and data loss prevention technologies (preferably Proofpoint).
  • Excellent communication and collaboration skills for cross-functional teamwork.

Responsibilities

  • Build and maintain security infrastructure including firewalls and email security.
  • Implement cloud security controls in Microsoft Azure focusing on IAM and data protection.
  • Collaborate with infrastructure teams to design secure network and server configurations.
  • Manage endpoint and data protection policies with Proofpoint and refine detection rules.
  • Conduct regular vulnerability assessments and coordinate remediation with IT teams.
  • Lead incident response efforts, including detection, investigation, and recovery.
  • Develop automation scripts to enhance operational efficiency.

Benefits

  • Hybrid work schedule based in Framingham, MA office.
  • Collaboration with Managed Security Service Providers for enhanced threat monitoring.
  • Opportunity to enhance skills with the latest security technologies.
  • Involvement in third-party risk management adhering to HIPAA compliance.
Full Job Description
Overview

About the Role:

The Senior Security Engineer is a hands-on, implementation-focused role responsible for protecting HealthDrive's sensitive patient data and strengthening security across on-premises and Microsoft Azure environments. This engineer builds, configures, and operates security controls, including firewalls, endpoint and email protection, cloud security, and vulnerability management, while leading incident detection, investigation, and response. Working closely with IT leadership and HealthDrive's Managed Security Service Provider (MSSP), the engineer also manages the third-party risk process from end to end. This is primarily a technical build-and-operate role, not a policy or oversight position.

Work Environment:

Based at HealthDrive's Framingham, MA office (off Route 9, near Routes 90 and 495) on a hybrid schedule.

Compensation Range:

$85,000 to $115,000 / experience dependent

#INDHDCORPREC

Responsibilities

Security infrastructure management:

Build, configure, deploy, and maintain security infrastructure - firewalls, MDM, identity platforms, email security, and cloud - using Fortinet (preferred), Microsoft Active Directory, Microsoft 365, and Azure; hands-on experience with comparable firewalls such as Palo Alto is transferable.

Cloud security:

Implement and manage cloud security controls in Microsoft Azure, focusing on identity and access management, network security, and data protection.

Secure network & server design:

Partner hands-on with infrastructure teams to design and harden secure network and server configurations, including firewall, VPN, and access controls.

Endpoint & data protection:

Own and maintain the policy configuration for HealthDrive's Proofpoint platforms - Email Security, Email DLP, Endpoint DLP, and Data Security Posture Management (DSPM) tuning detection and prevention rules, triaging alerts, and refining controls to protect against phishing, malware, and data exfiltration.

Vulnerability management:

Conduct regular vulnerability assessments using tools such as SecureWorks or Qualys, and coordinate remediation efforts with IT teams.

Incident response:

Lead incident detection, investigation, containment, and recovery in collaboration with internal teams and external partners and operationalize threat intelligence to inform detection and response priorities.

Security automation:

Develop scripts in PowerShell, Python, or Bash to automate routine security tasks and improve operational efficiency.

Third-party risk management:

Own and drive HealthDrive's Third-Party Risk Management (TPRM) program end to end, including inbound and outbound security-questionnaire processes - assessing vendor and partner security posture, maintaining the vendor risk-scoring framework, responding to security assessments HealthDrive receives from partners and payers, and managing ongoing third-party risk in line with HIPAA and HealthDrive's data-protection obligations.

Compliance & risk management:

Ensure adherence to HIPAA and other regulatory requirements through policy enforcement and risk-mitigation strategies.

Documentation & training:

Maintain detailed documentation of security configurations and procedures and provide guidance to business and IT staff on security best practices.

Security awareness training:

Manage HealthDrive's security awareness training program - building and scheduling campaigns and phishing simulations, tracking completion and results, and reporting on workforce risk to IT leadership.

Collaboration with MSSP:

Serve as liaison with HealthDrive's Managed Security Service Provider to ensure effective threat monitoring and response.

Qualifications

Must have:

  • Infrastructure-focused security engineering background, able to both set strategy and execute hands-on.
  • Deep understanding of network security fundamentals (TCP/IP, DNS, routing, firewalls).
  • Hands-on experience with enterprise-grade firewalls and network security tools.
  • Proficiency in Microsoft Active Directory and Azure Active Directory (Microsoft Entra ID).
  • Strong knowledge of Azure cloud security best practices.
  • Experience with endpoint protection and data loss prevention (DLP) technologies, preferably Proofpoint tools.
  • Experience leading or running third-party risk / vendor security assessment processes.
  • Excellent problem-solving, communication, and collaboration skills, with the ability to work both independently and across cross-functional teams.


Nice to have:

  • Microsoft Intune (MDM).
  • Scripting with PowerShell, Python, or Bash.
  • SIEM / XDR platforms such as Microsoft Sentinel or SecureWorks; experience with comparable platforms is transferable.
  • Experience working with MSSPs and vulnerability detection and response platforms.
  • Knowledge of healthcare compliance standards (HIPAA, HITECH).
  • Experience managing security awareness training.
  • Experience with Okta MFA configuration.


Education & Qualifications:

  • Bachelor's degree in Cybersecurity, Computer Science, or a related field.
  • Approximately 10+ years of security engineering experience, with demonstrated depth in infrastructure and cloud security.


Certifications & Licenses:

(Preferred) CISSP; or at least one relevant security certification, such as Microsoft Certified: Azure Security Engineer Associate (AZ-500), CompTIA Security+, CISM, CCSP, or HCISPP

Core Competencies:

  • Communication
  • Cooperation and Team working
  • Adaptability
  • Expertise and Professionalism
  • Problem Solving / Analysis

Similar Jobs

More Jobs at Healthdrive Corporation

More Healthcare Jobs

Find similar Senior Security Engineer jobs: