Senior Corporate Security Engineer at SmithRx

Who We Are:

SmithRx is a rapidly growing, venture-backed Health-Tech company. Our mission is to disrupt the expensive and inefficient Pharmacy Benefit Management (PBM) sector by building a next-generation drug acquisition platform driven by cutting edge technology, innovative cost saving tools, and best-in-class customer service. With hundreds of thousands of members onboarded since 2016, SmithRx has a solution that is resonating with clients all across the country.

We pride ourselves for our mission-driven and collaborative culture that inspires our employees to do their best work. We believe that the U.S healthcare system is in need of transformation, and we come to work each day dedicated to making that change a reality. At our core, we are guided by our company values:

• Integrity: Always operate with honesty and transparency so we earn the trust of our clients.
• Courage: Demonstrate the courage needed to take on a broken industry and continuously improve what we offer to optimize health outcomes.
• Together: Foster a collaborative and inclusive environment that values teamwork, respect, and open communication, and encourages creativity and diversity of thought.

What You Will Do:

• Advise on security best practices to IT personnel on design, implementation, and maintenance of secure systems and networks, including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices.
• Develop, deploy and manage tools to secure and monitor corporate assets including ownership of Endpoint Detection & Response (EDR) and Data Loss Prevention (DLP).
• Review security measures, policies, and procedures to protect systems and networks against unauthorized access, data breaches, and other security incidents from the Legal and Compliance teams. Monitor and analyze security logs and events, and be available to advise on security incidents in a timely manner.
• Collaborate with cross-functional teams to ensure that security requirements are incorporated into corporate security processes/procedures/measures.
• Provide technical expertise and guidance to IT teams to ensure that security controls are effectively implemented and maintained.
• Stay updated on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture.
• Participate in incident response activities, including investigation, containment, and recovery efforts, as needed. (During business hours: this is not an on-call position.)
• Provide training and awareness programs to educate employees and users about CorpSec security best practices and procedures.

What You Will Bring To SmithRx:

• 5+ years of experience in Security Engineering or AppSec Engineering.
• Strong knowledge of CorpSec principles, best practices, and industry standards, such as CIS/NIST Critical Security Controls.
• Experience in SOC2 or HIPAA security audits and compliance
• Hands-on experience with some corporate security tooling, such as firewalls, IDS/IPS, SIEM, DLP, antivirus, vulnerability management & scanning tools, etc.
• Excellent analytical, problem-solving, and troubleshooting skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.A risk-based approach to prioritization, rather than checkbox ticking
• Experience with identity management: TKTK and current identity management best practices

What SmithRx Offers You:

• Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, and Life Insurance and AD&D Insurance
• Flexible Spending Benefits
• 401(k) Retirement Savings Program
• Short-term and long-term disability
• Discretionary Paid Time Off
• 12 Paid Holidays
• Wellness Benefits
• Commuter Benefits
• Paid Parental Leave benefits
• Employee Assistance Program (EAP)
• Well-stocked kitchen in office locations
• Professional development and training opportunities