Security Engineer

• Support the development and implementation of security protocols to protect OnMed’s data, infrastructure, networks, and facilities.
• Assist in the configuration and management of monitoring and alerting tools to proactively detect and respond to threats.
• Collaborate cross-functionally to ensure platforms comply with OnMed’s security policies and infrastructure.
• Manage access controls for digital systems and physical facilities.
• Maintain and continuously improve SOC 2 control frameworks.
• Work closely with external auditors and internal stakeholders to ensure evidence collection and policy adherence.
• Monitor control effectiveness and support remediation efforts where needed.
• Review and respond to security questionnaires from vendors and customers.
• Conduct security due diligence on third-party tools and service providers.
• Track and maintain documentation for vendor risk assessments.
• Lead triage, investigation, and mitigation of security incidents.
• Coordinate with relevant teams to ensure timely containment and recovery.
• Conduct root cause analysis and recommend improvements to prevent recurrence.
• Collaborate with IT and engineering to implement and manage security tools (SIEM, EDR, etc.).
• Monitor infrastructure and application logs for threats and anomalies.
• Automate security checks and integrate security into CI/CD pipelines as needed.
• Assist in the development and enforcement of security policies and procedures.
• Support employee security training and awareness initiatives.
• Assist in the implementation of Zero Trust protocols across OnMed platforms.
• Leverage automation to monitor, alert, and resolve security incidents.
• Help maintain compliance with SOC 2 and HITRUST standards and contribute to formal reporting efforts.
• Participate in regular risk assessments and internal audits.
• Support physical security operations, including access control and video surveillance audits.
• Perform other related role responsibilities as assigned.

Security Engineer

Security Research Manager, Coverage Team

Senior Security Engineer

Security Engineer, Privacy

Corporate Security Manager – Design & Construction

Manager, Information Security Compliance