Position Summary
The Security Engineer is responsible for the implementation and operation of the information security systems at Lirio, including the security of the cloud native implementation of Lirio’s Precision Nudging platform, and the security of its internal business networks. This role partners with Cloud Engineers, Data Engineers, IT and Architecture teams to establish and improve departmental and system security posture. The Security Engineer is a primary contributor to the security operations at Lirio, and also in evaluating, maturing and implementing the security tools and processes to assure Lirio is well-positioned to protect the privacy of the sensitive data being managed within its network.
Essential Duties & Responsibilities
- Key contributor to security operations & analysis, including
- Monitoring of log and alert streams across the Lirio networks
- Security event/alert analysis, investigation and remediation
- Prioritizing and remediating CVEs
- Performing security access and vendor reviews
- Execute internal testing activities, including but not limited to internal scans, phishing campaigns, and internal penetration testing
- Key contributor to incident management activities
- Strengthen Lirio's security posture by continuously evaluating and maturing security tools such as Defender for Cloud, Defender for Endpoint, Defender for Containers & API's, Azure Sentinel and Snyk security platform
- Continuously improves the level of automation/information in the security tools by creating security playbooks and dashboards in KQL for Azure Sentinel SIEM
- Contribute to security architecture reviews of application designs, cloud infrastructure, identifying threats and vulnerabilities to Lirio systems; provide security recommendations and aligning them to GRC risk ranking systems
- Implement information security policies, controls and systems adhering to Governance, Risk and Compliance standards
- Create and maintain technical documentation around security practices and initiatives, ensuring detailed records of security protocols, tools, processes, and incident responses
- Implement and monitor the secure baseline and secure configuration required for production systems at Lirio
- Supports risk assessments, including privacy risk assessments, as needed
- Supports compliance and security audits as needed through evidence gathering
- Deploy and run cloud-based vulnerability scans for internal and external asset
- Offensive security & penetration testing experience to drive security posture improvements across the organization
- Conduct black box testing, code reviews, automation, threat modeling and research to reduce risk to Lirio microservices and Infrastructure
Qualifications
- 3-5 years of related experience
- Experience configuring, operating and optimizing the Microsoft Defender suite and Azure Sentinel.
- Experience with cloud architectures and security, including concepts like microservices, containers, and technologies like Kubernetes and Kafka.
- Experience in cybersecurity implementations and operations within the healthcare industry.
- Knowledge in modern network architectures, technologies and network security best practices
- Knowledge in modern security principles including zero trust, conditional access, defense in depth and attack surface reduction.
- Experience writing technical Security documentation.
- Experienced in Terraform and Security As Code methodologies.
- Experience writing Azure Sentinel Queries with Kusto Query Language (KQL).
- Experience supporting GRC adherence from an application security and infrastructure standpoint, codifying controls based on standards like HIPAA HITRUST, SOC2, NIST CSF.
- Cloud IaaS security experience.
- Secrets management experience with Azure Key vault
- Experience analyzing, assessing, and respond to various internet threats; conduct regular security assessments.
- General *nix and system administration knowledge
- Scripting knowledge for Security testing and API integrations (Python, Bash, Go etc.)
- Security Tool Expertise like Microsoft Defender for: Endpoint, for Cloud for Containers, Runtime Security, EDR, Snyk.
- Microsoft Intune
- Firewalls & Access Control Lists, Web Application Firewalls, building policies and analyzing flows using SIEM, tcpdump, Wireshark
- Understanding of containers and microservices architecture (docker, Kubernetes etc.)
- Source Code Management: Git, Gradle, Azure Devops
- Infrastructure as code: Terraform, CloudFormation, Ansible, Chef, Helm
- Written and verbal communication skills, time management skills, comfortable in a fast-paced environment
- Collaborative / team oriented, willingness to teach and learn
- Ability to quickly learn company terminology and processes
- CISSP, CEH, and/or CCSP certifications a plus
Benefits
- Medical (HSA available)
- Dental
- Vision
- Short-term & long-term disability (company-paid)
- Life & AD&D (company-paid)
- 401K with company match
- 10 paid holidays + holiday week company closure
- Flexible time off policy
- Work from home
- Salary range: $135,000-$160,000
