Medical Guardian is a fast-growing digital health and safety company on a mission to help people live a life without limits. We're seeking a highly skilled and strategic Senior Security Engineer to strengthen and mature our enterprise security capabilities as part of the broader IT Operations organization.
Requirements
- Design and implement secure architecture patterns across Azure and AWS cloud environments, as well as on-prem and hybrid infrastructures
- Lead security design reviews for infrastructure and application initiatives
- Engineer and optimize enterprise security controls across endpoint protection, threat detection and response, network security, email security, data protection, cloud access governance, and privileged access management
- Define and implement Zero Trust principles
- Secure Kubernetes and containerized workloads
- Automate security guardrails using infrastructure as code such as Terraform, Bicep, and CloudFormation
- Implement enterprise data classification, DLP, encryption, and tenant-level controls across Microsoft 365 and Azure to prevent data exfiltration and unauthorized AI service access
- Secure AI model training data, inference endpoints, APIs, and service principals while enforcing governance controls to prevent exposure of sensitive or regulated data
- Develop guardrails to detect and prevent shadow AI adoption
- Evaluate third-party AI tools for security, privacy, and data residency risks
- Partner with Legal and Compliance teams to support responsible AI governance and regulatory requirements
- Partner with DevOps and Engineering teams to integrate automated application security testing, including static analysis, dynamic testing, and secret detection, into CI and CD pipelines prior to deployment
- Perform threat modeling and architecture risk assessments
- Enhance detection engineering use cases within SIEM and develop automated response playbooks
- Lead post-incident reviews and root cause analysis
- Lead and facilitate regular incident response tabletop exercises and coordinated response simulations to validate detection, escalation, and cross-functional readiness
- Oversee enterprise vulnerability management including scanning, risk-based prioritization, and remediation tracking
- Develop metrics and reporting for executive visibility
- Support regulatory requirements including HIPAA, HITRUST, SOC 2, and PCI-DSS as applicable
- Assist with audits and evidence collection
- Develop and maintain security policies and standards
- Perform third-party risk assessments
- Oversee MDR detection coverage, alert tuning, escalation workflows, service level adherence, and integration of logging and telemetry between internal systems and third-party providers
- Collaborate with the MSP on infrastructure security hardening, patching strategy, endpoint protection, and configuration management
- Drive continuous improvement through regular performance reviews and security posture assessments with external partners
- Provide technical guidance and drive security best practices across IT and Engineering initiatives
- Serve as escalation point for complex security issues
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Paid Time Off (Vacation, Sick Time Off & Holidays)
- Company Paid Short Term Disability and Life Insurance
- Retirement Plan (401k) with Company Match
