MCPNew: now works with Claude & AI assistants
healthdrive

healthdrive

Senior Security Engineer

Company

healthdrive

Role

Senior Security Engineer

Location

Framingham, MA, US

Job type

Other

Found on Mokaru

2 days ago

Share this job

Salary

$85k - $115k/yearly

Job description

Overview

About HealthDrive

HealthDrive delivers on-site healthcare services to residents of long-term care facilities, offering a comprehensive suite of specialties including primary care, behavioral health, dentistry, optometry, podiatry, and audiology. Our mission is to improve the quality of life for patients through compassionate and consistent care, while supporting our partners with reliable, integrated healthcare solutions tailored to the unique needs of senior populations.

About the Role

The Senior Security Engineer is a hands-on, implementation-focused role responsible for protecting HealthDrive’s sensitive patient data and strengthening security across on-premises and Microsoft Azure environments. This engineer builds, configures, and operates security controls, including firewalls, endpoint and email protection, cloud security, and vulnerability management, while leading incident detection, investigation, and response. Working closely with IT leadership and HealthDrive’s Managed Security Service Provider (MSSP), the engineer also manages the third-party risk process from end to end. This is primarily a technical build-and-operate role, not a policy or oversight position.

Work Environment

Based at HealthDrive’s Framingham, MA office (off Route 9, near Routes 90 and 495) on a hybrid schedule.

Compensation Range

$85,000 to $115,000 / experience dependent

#INDHDCORPREC

Responsibilities

Security infrastructure management

Build, configure, deploy, and maintain security infrastructure — firewalls, MDM, identity platforms, email security, and cloud — using Fortinet (preferred), Microsoft Active Directory, Microsoft 365, and Azure; hands-on experience with comparable firewalls such as Palo Alto is transferable.

Cloud security

Implement and manage cloud security controls in Microsoft Azure, focusing on identity and access management, network security, and data protection.

Secure network & server design

Partner hands-on with infrastructure teams to design and harden secure network and server configurations, including firewall, VPN, and access controls.

Endpoint & data protection

Own and maintain the policy configuration for HealthDrive's Proofpoint platforms — Email Security, Email DLP, Endpoint DLP, and Data Security Posture Management (DSPM) tuning detection and prevention rules, triaging alerts, and refining controls to protect against phishing, malware, and data exfiltration.

Vulnerability management

Conduct regular vulnerability assessments using tools such as SecureWorks or Qualys, and coordinate remediation efforts with IT teams.

Incident response

Lead incident detection, investigation, containment, and recovery in collaboration with internal teams and external partners and operationalize threat intelligence to inform detection and response priorities.

Security automation

Develop scripts in PowerShell, Python, or Bash to automate routine security tasks and improve operational efficiency.

Third-party risk management

Own and drive HealthDrive’s Third-Party Risk Management (TPRM) program end to end, including inbound and outbound security-questionnaire processes — assessing vendor and partner security posture, maintaining the vendor risk-scoring framework, responding to security assessments HealthDrive receives from partners and payers, and managing ongoing third-party risk in line with HIPAA and HealthDrive’s data-protection obligations.

Compliance & risk management

Ensure adherence to HIPAA and other regulatory requirements through policy enforcement and risk-mitigation strategies.

Documentation & training

Maintain detailed documentation of security configurations and procedures and provide guidance to business and IT staff on security best practices.

Security awareness training

Manage HealthDrive's security awareness training program — building and scheduling campaigns and phishing simulations, tracking completion and results, and reporting on workforce risk to IT leadership.

Collaboration with MSSP

Serve as liaison with HealthDrive’s Managed Security Service Provider to ensure effective threat monitoring and response.

Qualifications

Must have

  • Infrastructure-focused security engineering background, able to both set strategy and execute hands-on.
  • Deep understanding of network security fundamentals (TCP/IP, DNS, routing, firewalls).
  • Hands-on experience with enterprise-grade firewalls and network security tools.
  • Proficiency in Microsoft Active Directory and Azure Active Directory (Microsoft Entra ID).
  • Strong knowledge of Azure cloud security best practices.
  • Experience with endpoint protection and data loss prevention (DLP) technologies, preferably Proofpoint tools.
  • Experience leading or running third-party risk / vendor security assessment processes.
  • Excellent problem-solving, communication, and collaboration skills, with the ability to work both independently and across cross-functional teams.

Nice to have

  • Microsoft Intune (MDM).
  • Scripting with PowerShell, Python, or Bash.
  • SIEM / XDR platforms such as Microsoft Sentinel or SecureWorks; experience with comparable platforms is transferable.
  • Experience working with MSSPs and vulnerability detection and response platforms.
  • Knowledge of healthcare compliance standards (HIPAA, HITECH).
  • Experience managing security awareness training.
  • Experience with Okta MFA configuration.

Education & Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, or a related field.
  • Approximately 10+ years of security engineering experience, with demonstrated depth in infrastructure and cloud security.

Certifications & Licenses

(Preferred) CISSP; or at least one relevant security certification, such as Microsoft Certified: Azure Security Engineer Associate (AZ-500), CompTIA Security+, CISM, CCSP, or HCISPP

Core Competencies

  • Communication
  • Cooperation and Team working
  • Adaptability
  • Expertise and Professionalism
  • Problem Solving / Analysis
Resume ExampleCover Letter Example

Explore more