Senior Security Engineer
Company Overview
Founded in 2015, PHIL is a Series D health-tech startup that is building a platform that interfaces between doctors, pharmacies, and patients to streamline the process of patients receiving prescriptions. This is a complex, archaic industry, and we've set out to change that.
Phil’s B2B2C platform provides an end-to-end prescription management and delivery service. Our robust platform connects patients, prescribers, pharmacies, and manufacturers, enabling easy and affordable access to medicine. Through its digital stakeholder experiences, patient access services, market access solutions, and distribution models, pharma manufacturers can deliver affordable and timely therapy access to patients, resulting in more patients staying on their treatment plans longer. Consequently, pharma manufacturers are enabled for more innovation.
The team at Phil is a group of like-minded individuals from varying backgrounds, passionate about creating a new and innovative healthcare platform that is focused on patient experience and overall human wellbeing. Ready to join our team of mission-driven, analytical, and passionate people? Keep reading!
Job Duties
Facilitate architecture, design, and deployment of information security solutions, compliance and policies
Manage and oversee HIPAA, SOC 2, and ISO, compliance policy implementations, certifications and audit processes. Ensures information security policies, standards, and procedures are up-to-date.
Perform/Develop test plan and identify testing requirements, scenarios, methodologies, and configurations as part of technology evaluations and vendor integrations
Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary
Works closely with the Chief Privacy Officer and Chief Security Officer to ensure alignment between security and privacy compliance programs including policies, practices and investigations, and acts as a liaison to the information systems and compliance departments
Troubleshoot, diagnose, and resolve or escalate Incidents and problems
Design and implement best practice security solutions (tools and services) to mitigate security threats and risks that may impact the business
Manage and conduct ongoing security training to the workforce. Drive and promote activities to foster information security awareness within the organization and related entities
Collaborate with leadership on network design improvements, capacity planning, risk mitigation, vulnerability, and security event management
Establish and administer a process for investigating and acting on security incidents which may result in a privacy breach breaches
Requirements
Bachelor’s degree in computer information security/related field or equivalent experience
5+ years of experience in a security engineering role
Experience architecting, designing, and deploying security solutions for enterprise environments and working with enterprise security solution sets
Extensive experience and knowledge of HIPAA, SOC-2 and other security policies
Experience with deploying and managing diverse set of security technologies
Experience with penetration testing tools
Demonstrated technical understanding of system architecture and design, operating systems, network infrastructure, device configuration hardening, and patch and configuration management
Extensive experience and knowledge of AWS services and technologies
Thorough understanding of the latest security principles, techniques, and protocols
Working knowledge of shell scripting and Python programming language
Knowledge of authentication protocols such as LDAP, SAML, OAUTH
Experience with securing one or more of: CI/CD, Kubernetes, Docker
Benefits
Ground floor opportunity with one of the fastest-growing startups in health-tech
Fully remote working environment
Competitive compensation (commensurate with experience)
Full benefits (medical, dental, vision)
401(k) contribution opportunity
PHIL Inc. is an equal-opportunity employer.