Staff Security Engineer - Privileged Access Management

We’re looking for a security-minded, hands-on senior individual with extensive Security Architecture and Engineering experience to support our security solution programs, focused on Privileged Access Management (PAM). The candidate must have strong operational knowledge of the security tool landscape and have a track record of optimizing and automating processes to achieve measurable gains in efficiency and accuracy. This role is integral to the GIS program, and works directly alongside the Security Architecture / Engineering, Security Operations, Cyber Risk Governance, Tech Infrastructure and Network teams.

Responsibilities

• Be a thought leader and industry expert in the company for a significant technical vertical related to Security Technology (PAM)
• Engage with Executive level leaders to explain PAM concepts and present roadshows for associated initiatives.
• Lead global PAM security engineering projects, tool evaluations, deployments and mentor other engineers.
• Designing and implementing security processes to support security architecture and engineering using best-in-class security engineering principles; experience with the MITRE standards is a plus
• Security tool operations – building, maintaining, optimizing and configuring various tools across PAM.
• Lead design and architecture strategy and associated projects for PAM across all of GHX
• Strong experience with security metrics and measurements and process automation – understand how to measure monitoring of PAM processes and how to improve them based on historical data
• Partner with Security Operations (SecOps) Engineers to identify and evaluate best in class security solutions and plan production deployments and help document runbooks accordingly
• Support enterprise cybersecurity tabletop exercises across cross-function teams
• Assist with cybersecurity forensics and investigations

Knowledge and Skills

• Experience with IAM products such as CyberArk, SailPoint, and Okta.
• Strong understanding of security architecture and engineering concepts
• Strong understanding of MITRE TTPs or similar
• Demonstrated past contributor and “plugged-in” to the threat intelligence community and various industry sources
• Understand what it means to “think like a hacker” and take the attacker viewpoint
• Experience with operating security tools such as endpoint, server, and cloud PAM
• Experience with managing approved software via a PAM solution

Required Experience

• 8+ years of relevant security engineering experience
• 10+ years of IT experience

Preferred Experience

• CISSP or equivalent

Key Differentiator

• Security operations and threat intelligence experience
• Strong communicator who can partner internationally with senior security and application team members
• Self starter, takes initiative with strong conviction

Estimated Salary Range for this position: $137,000 to $183,500

The base salary range represents the anticipated low and high end of the GHX’s salary range for this position. The base salary is one component of GHX’s total compensation package for employees. Other rewards and benefits include: health, vision, and dental insurance, accident and life insurance, 401k matching, paid-time off, and education reimbursement, to name a few. To view more details of our benefits, visit us here: https://www.ghx.com/about/careers/

#LI-SR

GHX: It's the way you do business in healthcare

Global Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.

GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.

It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 1000 people worldwide. Our corporate headquarters is in Colorado, with additional offices in Europe.

Disclaimer

Global Healthcare Exchange, LLC and its North American subsidiaries (collectively, “GHX”) provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX’s employees to perform their expected job duties is absolutely not tolerated.

Read our GHX Privacy Policy_

Create a Job Alert

Interested in building your career at GHX? Get future opportunities sent straight to your email.

Create alert

Apply for this job

------------------

*

indicates a required field

Autofill with MyGreenhouse

First Name*

Last Name*

Email*

Phone

Country*

Phone*

Resume/CV*

AttachAttach

Dropbox

Google Drive

Enter manuallyEnter manually

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

AttachAttach

Dropbox

Google Drive

Enter manuallyEnter manually

Accepted file types: pdf, doc, docx, txt, rtf

• * *

Are you legally authorized to work in the U.S.?*

Select...

Will you now or in the future require visa sponsorship?*

Select...

Please describe your current work authorization status.*

Please describe your background and how it relates to this role.

What are your expectations for pay in this role?*

What City do you live in?*

What State do you live in?*

How many years of hands-on experience do you have implementing or managing Privileged Access Management (PAM) solutions (e.g., CyberArk, BeyondTrust, Thycotic, etc.)?*

Select...

What level of experience do you have automating security processes or metrics reporting?*

Select...

Which of the following PAM tools have you directly configured or administered in a production environment? (Select all that apply) *

A. CyberArk

B. BeyondTrust

C. Thycotic / Delinea

D. HashiCorp Vault

E. Custom / internally developed PAM solution

F. None of the above

Which best describes your experience designing or architecting PAM solutions?*

Select...

How comfortable are you engaging with executive leaders to explain technical PAM concepts?*

Select...

Which statement best reflects your approach to security architecture and engineering?*

Select...

Which of the following technologies or languages have you used for automation or integration in security operations? (select all that apply) *

A. PowerShell

B. Python

C. REST APIs / JSON

D. SIEM integrations (e.g., Splunk, Sentinel)

E. None of the above

How familiar are you with the MITRE ATT&CK framework or similar threat modeling standards?*

Select...

Which best describes your involvement with the threat intelligence community?*

Select...

Total years of professional IT experience:*

Select...

Total years of direct experience in security architecture or engineering:*

Select...

Which certifications do you currently hold? (Select all that apply) *

A. CISSP

B. CISM

C. CEH

D. AWS / Azure Security Specialty

E. None of the above

Which best describes your collaboration experience across international teams?*

Select...

How would your peers describe your communication style when explaining complex technical concepts?*

Select...

If you were referred to this position by a current GHX employee, or other individual, please provide the person’s name.*

Do you have any relatives at GHX? (If so, please provide the individual’s name)*

Are you currently working for a GHX customer?*

Select...

Have you ever worked for GHX?*

Select...

Pre-employment Statement: Applicants and Employees are evaluated without regard to mental or physical disability, gender identity, race, religion, sexual orientation, color, gender, national origin, age, marital status, military or veteran status or any other protected local, state, or federal status. I represent that the information I provide in this Application for Employment is complete, true and accurate, and if provide any incomplete, inaccurate or false information during the selection process, the organization may deny my application and/or terminate my employment if it discovers such information after I am hired. I authorize the organization to contact anyone that it deems appropriate to verify the information I have provided or to further investigate my background, past performance and suitability for employment. I consent to being discussed by any person contacted by the organization and waive all rights to bring any action for defamation, invasion of privacy or any similar claim against anyone who provides information to the organization with a good faith belief that the information provided is true. I understand that this Application for Employment is not an offer of employment and only a written offer signed by an authorized representative of the organization will be effective (Checking the box is equivalent to a handwritten signature.)*

Select...

Pre-Employment Statement

When you apply for a job on this site, the personal information in your application is collected and processed as described in the GHX Privacy Policy (See hyperlink below). The Privacy Policy also describes your rights with respect to your personal information and how to exercise your rights. Please review the Privacy Policy carefully, and if you do not agree to processing of your personal information as described in the Privacy Policy, do not submit your personal information. *

Select...

GHX Privacy Policy

What is your full legal name?*

Voluntary Self-Identification

-----------------------------

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in GHX’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Select...

Are you Hispanic/Latino?

Select...

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Select...

Voluntary Self-Identification of Disability

-------------------------------------------

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

• Alcohol or other substance use disorder (not currently using drugs illegally)
• Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
• Blind or low vision
• Cancer (past or present)
• Cardiovascular or heart disease
• Celiac disease
• Cerebral palsy
• Deaf or serious difficulty hearing
• Diabetes
• Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
• Epilepsy or other seizure disorder
• Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
• Intellectual or developmental disability
• Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
• Missing limbs or partially missing limbs
• Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
• Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
• Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
• Partial or complete paralysis (any cause)
• Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
• Short stature (dwarfism)
• Traumatic brain injury

Disability Status

Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Submit application