Senior Security Engineer

Company Overview

Founded in 2015, PHIL is a Series D health-tech startup that is building a platform that interfaces between doctors, pharmacies, and patients to streamline the process of patients receiving prescriptions. This is a complex, archaic industry, and we've set out to change that.

Phil’s B2B2C platform provides an end-to-end prescription management and delivery service. Our robust platform connects patients, prescribers, pharmacies, and manufacturers, enabling easy and affordable access to medicine. Through its digital stakeholder experiences, patient access services, market access solutions, and distribution models, pharma manufacturers can deliver affordable and timely therapy access to patients, resulting in more patients staying on their treatment plans longer. Consequently, pharma manufacturers are enabled for more innovation.

The team at Phil is a group of like-minded individuals from varying backgrounds, passionate about creating a new and innovative healthcare platform that is focused on patient experience and overall human wellbeing. Ready to join our team of mission-driven, analytical, and passionate people? Keep reading!

Job Duties

• Facilitate architecture, design, and deployment of information security solutions, compliance and policies
• Manage and oversee HIPAA, SOC 2, and ISO, compliance policy implementations, certifications and audit processes. Ensures information security policies, standards, and procedures are up-to-date.
• Perform/Develop test plan and identify testing requirements, scenarios, methodologies, and configurations as part of technology evaluations and vendor integrations
• Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary
• Works closely with the Chief Privacy Officer and Chief Security Officer to ensure alignment between security and privacy compliance programs including policies, practices and investigations, and acts as a liaison to the information systems and compliance departments
• Troubleshoot, diagnose, and resolve or escalate Incidents and problems
• Design and implement best practice security solutions (tools and services) to mitigate security threats and risks that may impact the business
• Manage and conduct ongoing security training to the workforce. Drive and promote activities to foster information security awareness within the organization and related entities
• Collaborate with leadership on network design improvements, capacity planning, risk mitigation, vulnerability, and security event management
• Establish and administer a process for investigating and acting on security incidents which may result in a privacy breach breaches

Requirements

• Bachelor’s degree in computer information security/related field or equivalent experience
• 5+ years of experience in a security engineering role
• Experience architecting, designing, and deploying security solutions for enterprise environments and working with enterprise security solution sets
• Extensive experience and knowledge of HIPAA, SOC-2 and other security policies
• Experience with deploying and managing diverse set of security technologies
• Experience with penetration testing tools
• Demonstrated technical understanding of system architecture and design, operating systems, network infrastructure, device configuration hardening, and patch and configuration management
• Extensive experience and knowledge of AWS services and technologies
• Thorough understanding of the latest security principles, techniques, and protocols
• Working knowledge of shell scripting and Python programming language
• Knowledge of authentication protocols such as LDAP, SAML, OAUTH
• Experience with securing one or more of: CI/CD, Kubernetes, Docker

Benefits

• Ground floor opportunity with one of the fastest-growing startups in health-tech
• Fully remote working environment
• Competitive compensation (commensurate with experience)
• Full benefits (medical, dental, vision)
• 401(k) contri

Employment Details

• Salary: $170K - $180K
• Location Type: Remote
• Employment Type: FullTime