Engineer, Information Security (Healthcare Consulting - Microsoft Security & Identity Stacks)
Remote (United States)
Full Time Senior-level / Expert USD 95K - 125K
Sellers Dorsey
About Sellers Dorsey
Sellers Dorsey is a leading and fast-growing national healthcare consulting firm specializing in Medicaid financing, policy, and operations. We deliver impactful outcomes for our clients with a combination of technical expertise and deep understanding of public policy, government, and national and local political landscape. Together with its clients, Sellers Dorsey realizes opportunities that enhance the bottom-line and ultimately improve the lives of people and is committed to expanding access to healthcare in the US.
About the Role
Sellers Dorsey is seeking a Security Engineer who will design, implement, and manage secure cloud environments. In this role, you will play a critical part in safeguarding our cloud infrastructure, applications, and data across platforms such as Microsoft Azure. This position requires deep expertise in Microsoft security solutions, a strategic mindset, and the ability to adapt to evolving cybersecurity threats. The Security Engineer collaborates with cross-functional teams to ensure that organizational security objectives align with business goals, fostering a resilient and secure technological environment.
Key Responsibilities
Design and Implementation:
- Design and implement security controls and threat protection strategies to mitigate risks and protect against data breaches, unauthorized access, and other threats.
- Develop and maintain a comprehensive security architecture aligned with organizational goals and industry best practices.
- Lead the integration of security measures into the existing IT infrastructure, applications, and networks.
- Ensure compliance with regulatory requirements and standards such as HIPAA, HITRUST, SOC2, ISO 27001, and NIST.
- Manage and secure access through Entra ID, implementing Multi-Factor Authentication (MFA), conditional access, and role-based access controls.
Risk Assessment and Vulnerability Management:
- Conduct regular assessments to identify vulnerabilities and threats within the organization’s systems and implement timely mitigations.
- Develop risk management strategies and prioritize security efforts based on potential impact.
- Conduct threat modeling, risk assessments, and security architecture reviews for new and existing cloud deployments.
- Collaborate with stakeholders to ensure compliance with regulatory and legal requirements.
- Implement vulnerability management tooling and ensure consistent coverage.
Monitoring and Incident Response:
- Implement systems, such as Sentinel and Defender, to monitor security incidents, breaches, and abnormal activities in real time.
- Work closely with the IT and security teams to develop and execute incident response plans.
- Lead response efforts to security incidents, coordinate with other teams, and execute remediation strategies effectively.
- Ensure post-incident analysis and recommendations to prevent future occurrences.
Continuous Improvement and Program Optimization:
- Stay informed about emerging threats, technologies, and trends in cybersecurity.
- Develop strategies for adapting the organization’s security infrastructure to meet evolving demands.
- Analyze and optimize existing security systems to improve efficiency and reduce operational costs.
- Maintain accurate documentation of security protocols, configuration settings, and incident reports.
Team Collaboration and Training:
- Work closely with IT teams, stakeholders, and external vendors to deliver integrated security solutions.
- Collaborate with DevOps and application development teams to integrate security into CI/CD pipelines.
- Provide training and guidance to employees on security policies, practices, and awareness.
- Act as a mentor to junior security professionals within the organization.
Key Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field—or equivalent experience.
- Preferred Certifications: CISSP, CISM, AZ-500, SC-300, SC-200
- 5+ years of experience in cybersecurity, with at least 2 years focused on cloud security.
- 5+ years of information security specific experience.
- 3+ years’ experience with the Microsoft security stack (both implementing and using the technology), specifically Entra ID, and including Azure Security Center, Microsoft Defender, Sentinel, and Intune.
- 1-2 years’ experience with the Microsoft identity stack (both implementing and using the technology).
- Proficiency in cloud computing and hybrid cloud environments, particularly Azure.
- Strong understanding of identity and access management, encryption, and data loss prevention strategies.
- Strong understanding of cloud networking, identity and access management (IAM), encryption, and security monitoring.
- Familiarity with SIEM tools and cloud logging/monitoring such as Sentinel.
- Experience with securing SaaS and cloud native workloads such as containers, microservices, etc.
- Familiarity with compliance frameworks such as HITRUST, HIPAA, and SOC2.
- Excellent problem-solving skills and the ability to work under pressure.
- Experience working with DevOps and AppDev teams to automate security testing in delivery pipelines.
- Knowledge of scripting languages (e.g., Python, Bash) and automation tools.
- Experience with secure cloud architecture and secure application design.
- Ability to automate security operations.
Compensation & Benefits
The anticipated salary range for candidates is $95,800/year in our lowest geographic market range up to $125,000/year in our highest geographic market range. The final pay offered to a successful candidate will depend on several factors that may include, but are not limited to, the type and years of experience within the job, the type and years of experience within the industry, the candidate’s education, and the candidate’s market location. Typically, candidates are not hired near the top of the range, and compensation decisions are made based upon Sellers Dorsey’s Total Compensation Policies & Guidelines. The successful candidate will also be eligible to participate in our annual Corporate Incentive Plan (CIP), which can range up to 9% of annual salary.
Provided they meet all eligibility requirements under the applicable plan documents, the successful candidate (and their eligible dependents) will be eligible to enroll in group healthcare plans that offer medical, dental, and vision coverage and in insurance plans offering short term disability, long term disability, and basic life. Employees are also able to enroll in Sellers Dorsey’s 401k plan provided they meet plan requirements. Sellers Dorsey offers Flexible Time Off that allows employees to use what they need. Additionally, we offer 10 paid holidays throughout the calendar year, paid time off for qualifying medical leave, and up to 12 weeks of combined paid parental and bonding leave. The foregoing benefits and paid time off, including an employee’s eligibility therefor, will be controlled by applicable plan documents and Sellers Dorsey policy.
This is intended to provide a general description of benefits and other compensation and is not a substitute for applicable plan documents or company policies.
Sellers Dorsey is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at HumanResources@sellersdorsey.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.
This position requires that you be fully vaccinated against Covid-19. Requests for reasonable accommodation on the basis of disability and/or sincerely held religious beliefs will be provided subject to undue hardship.
Sellers Dorsey maintains a Drug-Free workplace.
Tags: Automation Azure Bash CI/CD CISM CISSP Cloud Compliance Computer Science DevOps Encryption HIPAA HITRUST IAM Incident response ISO 27001 IT infrastructure Microservices Monitoring NIST Python Risk assessment Risk management SaaS Scripting Sentinel SIEM SOC 2 Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Flex hours Flex vacation Health care Insurance Medical leave Parental leave Startup environment