OnMed

Security Engineer

OnMed

full-time

Posted on:

Location Type: Hybrid

Location: White Plains • New York • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $110,000 - $120,000 per year

Job Level

Mid-LevelSenior

Tech Stack

AWSAzureCloudFirewalls

About the role

  • Support the development and implementation of security protocols to protect OnMed’s data, infrastructure, networks, and facilities.
  • Assist in the configuration and management of monitoring and alerting tools to proactively detect and respond to threats.
  • Collaborate cross-functionally to ensure platforms comply with OnMed’s security policies and infrastructure.
  • Manage access controls for digital systems and physical facilities.
  • Maintain and continuously improve SOC 2 control frameworks.
  • Work closely with external auditors and internal stakeholders to ensure evidence collection and policy adherence.
  • Monitor control effectiveness and support remediation efforts where needed.
  • Review and respond to security questionnaires from vendors and customers.
  • Conduct security due diligence on third-party tools and service providers.
  • Track and maintain documentation for vendor risk assessments.
  • Lead triage, investigation, and mitigation of security incidents.
  • Coordinate with relevant teams to ensure timely containment and recovery.
  • Conduct root cause analysis and recommend improvements to prevent recurrence.
  • Collaborate with IT and engineering to implement and manage security tools (SIEM, EDR, etc.).
  • Monitor infrastructure and application logs for threats and anomalies.
  • Automate security checks and integrate security into CI/CD pipelines as needed.
  • Assist in the development and enforcement of security policies and procedures.
  • Support employee security training and awareness initiatives.
  • Assist in the implementation of Zero Trust protocols across OnMed platforms.
  • Leverage automation to monitor, alert, and resolve security incidents.
  • Help maintain compliance with SOC 2 and HITRUST standards and contribute to formal reporting efforts.
  • Participate in regular risk assessments and internal audits.
  • Support physical security operations, including access control and video surveillance audits.
  • Perform other related role responsibilities as assigned.

Requirements

  • Strong foundational understanding of information security principles and practices.
  • Experience securing cloud platforms (Azure or AWS) and on-prem infrastructure.
  • Proficiency in endpoint security across workstations, network appliances, and other devices.
  • Familiarity with monitoring, alerting, and incident response tools.
  • Ability to conduct risk assessments and support compliance initiatives.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal abilities.
  • Ability to work independently and collaboratively in a fast-paced environment.
  • Detail-oriented with a proactive and forward-thinking mindset.
  • Encryption at rest and in transit
  • Experience in Key management (e.g., AWS KMS)
  • Experience in the healthcare industry or with healthcare compliance standards (nice-to-have).
  • Familiarity with Zero Trust architecture and implementation (nice-to-have).
  • Experience with automation tools for security operations (nice-to-have).
  • Hands-on experience with physical security systems (e.g., access control, surveillance) (nice-to-have).
  • Exposure to SOC 2 and HITRUST compliance frameworks (nice-to-have).
  • Experience working with external vendors for security assessments (nice-to-have).
  • Experience with Firewalls, VPNs, IDS/IPS (nice-to-have).
  • Experience in Network segmentation (nice-to-have).
  • Understanding of OWASP Top 10 (nice-to-have).
  • Secure coding practices (nice-to-have).
  • Tokenization and hashing (nice-to-have).
  • SAST/DAST tools (e.g., SonarQube, Burp Suite) (nice-to-have).
  • Bachelor's degree in Computer Science, Information Technology, or a related field.
  • 5+ years of experience in information security, preferably in a regulated industry.
  • 3+ years of experience securing cloud and on-prem environments.
  • Industry certifications such as CISSP, CISM, GSEC, or equivalent.
  • Azure and/or AWS security certifications preferred.
Benefits
  • OnMed provides a competitive salary and benefits package
  • Unlimited PTO
  • Paid holidays

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
information security principlescloud securityendpoint securityrisk assessmentsencryptionkey managementZero Trust architectureautomation toolsphysical security systemsnetwork segmentation
Soft skills
analytical skillsproblem-solving skillscommunication abilitiesinterpersonal abilitiesindependent workcollaborative workdetail-orientedproactive mindsetforward-thinking mindset
Certifications
CISSPCISMGSECAzure security certificationAWS security certification
Hazen and Sawyer

OT Cyber Security Team Leader

Hazen and Sawyer
Seniorfull-time$175k–$200k / yearNew York · 🇺🇸 United States
Posted: 3 hours agoSource: workforcenow.adp.com
AWSAzureCloudCyber SecurityJavaScriptLinuxPythonRubySQLUnix
TD

Audit Manager II – Technology Cybersecurity Audit

TD
Senior · Leadfull-time$87k–$139k / yearNew Jersey, New York · 🇺🇸 United States
Posted: 13 hours agoSource: td.wd3.myworkdayjobs.com
Smarsh

Senior Manager, Product Security

Smarsh
Seniorfull-time$181k–$233k / yearCalifornia, New York, Oregon · 🇺🇸 United States
Posted: 20 hours agoSource: jobs.lever.co
AWSAzureCloudCyber SecurityDockerGoogle Cloud PlatformKubernetesSDLC
TD

Audit Manager II – Technology Cybersecurity Audit

TD
Senior · Leadfull-time$87k–$139k / yearNew Jersey, New York · 🇺🇸 United States
Posted: 1 day agoSource: td.wd3.myworkdayjobs.com