Senior Security Engineer

Position Overview

• Location Type: Not Specified
• Job Type: Not Specified
• Salary: Not Specified

SmithRx is a rapidly growing, venture-backed Health-Tech company focused on disrupting the Pharmacy Benefit Management (PBM) sector. We aim to build a next-generation drug acquisition platform using cutting-edge technology, innovative cost-saving tools, and best-in-class customer service. Since 2016, we have onboarded hundreds of thousands of members, demonstrating the effectiveness of our solution.

We foster a mission-driven and collaborative culture that inspires our employees to do their best work. We are dedicated to transforming the U.S. healthcare system and are guided by our core company values:

• Integrity: Our purpose guides our actions, fostering confidence and ethical leadership.
• Courage: We face challenges with grit and resilience, embracing the unknown with autonomy, empathy, ownership, and vulnerability to challenge the status quo.
• Together: The success of SmithRx is built on strong partnerships and team commitment, with shared values binding us.

Job Summary

We are seeking an experienced Security Engineer specializing in Security Operations, Detection Engineering, and Incident Response. This hands-on role involves leading the identification, analysis, and response to complex security threats within our cloud-native environment, primarily AWS. You will utilize your deep expertise and Python proficiency to design, build, and tune detection mechanisms, automate response actions, and continuously improve our security monitoring and incident response capabilities. Responsibilities include tackling ambiguous security challenges, collaborating on incident response, defining technical roadmaps for detection and response, and supporting security improvements across engineering teams.

Eligibility: Applicants must be based in one of the following states: Arkansas, Arizona, California, Colorado, Florida, Georgia, Kansas, Minnesota, Missouri, Nevada, North Carolina, South Carolina, Ohio, Pennsylvania, Tennessee, Texas, Utah, Virginia, Washington, Wisconsin.

Responsibilities

• Leverage Python to design, develop, test, and maintain high-fidelity and actionable detection-as-code rules.
• Automate detection logic, parse and enrich complex data sources, and integrate security systems via APIs.
• Proactively hunt for threats within our AWS and corporate environments by analyzing logs and system data.
• Develop, refine, and automate incident response playbooks and standard operating procedures using SOAR platforms and custom Python scripts.
• Perform technical analysis during incidents, including log analysis, network traffic analysis, and host/endpoint artifact collection.
• Manage and optimize core security operations tools (SIEM, SOAR, EDR, etc.).
• Serve as a technical contributor and subject matter expert in Security Operations and Incident Response, influencing security practices across engineering and IT teams.
• Autonomously define and deliver the technical roadmap for key detection and response initiatives, managing cross-functional dependencies.

Requirements

• 5+ years of hands-on experience focused on Security Operations, Detection Engineering, and/or Incident Response.
• Strong proficiency in Python for security automation, scripting, data analysis, and tool development.
• Deep experience with cloud-native security, particularly within AWS.