Security Engineer

• Hands-on management of enterprise-wide security tools and platforms including SIEM, DLP, EDR/XDR, and vulnerability management across hybrid environments (cloud and on-prem).
• Monitor security alerts, respond to incidents, and manage escalations.
• Participate in Incident Response on-call rotation.
• Conduct threat analysis, vulnerability assessments, and risk evaluations.
• Manage and secure identities in Microsoft Entra ID through Conditional Access and Entitlement Management.
• Develop and implement strategies for Data Loss Prevention and identify gaps in DLP coverage.
• Stay informed about the latest cyber threats, attack methodologies, and vulnerabilities to ensure TherapyNotes remains resilient against evolving risks.
• Conduct periodic system and network configuration reviews to ensure compliance with security standards.
• Collaborate with developmental teams to ensure security is continuously integrated into the Software Development Lifecycle (SDLC) and CI/CD pipeline.
• Enforce secure coding standards and best practices to minimize vulnerabilities and to protect the confidentiality, integrity, and availability of our customer's data.
• Identify and document cyber risks and manage mitigation, follow up on open security risks, and report issues to leadership.
• Align Zero Trust principles with organizational security goals to ensure secure access to corporate resources, both on-premises and in the cloud.
• Participate in audits and assessments, supporting governance, risk management, and compliance (GRC) efforts.

Senior Cloud Security Engineer

Cloud Security Engineer

Senior Lead Security Engineer – Bot Management

Principal Application Security Consultant

Senior Account Executive – SIEM, Security Analytics

Security Engineer