Manager, Security Operations and Engineering

PE-backed start-up, DoseSpot is a dynamic and innovative leader in the electronic prescribing software market, and its subsidiary, pVerify, is an industry leading insurance verification solution. We are on a hyper-growth curve at the intersection of the software and healthcare industries. We need great team members to capitalize on these opportunities and improve the healthcare experience for patients and doctors alike. DoseSpot and pVerify have an exciting opportunity to join a fun and growing team, benefit from strong market tailwinds, and be part of an exciting opportunity to ensure mission-critical prescriptions and verifications are delivered on time and without error. 

About the Role: 

The Security Operations and Engineering Manager will play a pivotal role in leading all security operations and engineering efforts across DoseSpot and its affiliates. This is an exciting opportunity to bring your expertise in security incident investigations and post-incident analysis to identify root causes and implement measures to prevent future occurrences  This role reports to the Head of IT & Security and will be responsible for developing and executing the overall security operations strategy, managing security engineering projects, and overseeing day-to-day security operations focused on monitoring, detecting, analyzing, and responding to cybersecurity threats. You will foster collaboration with Cloud Ops, Product, and Development teams to ensure security best practices are seamlessly integrated into all aspects of the organization. This role requires a strategic thinker with strong leadership skills, excellent problem-solving abilities, and a deep understanding of security protocols and procedures. 

Your Responsibilities: 

• Responsible for maintaining DoseSpot’s security posture by implementing, managing, and monitoring security measures and controls. 

• Oversee the daily operations and management of DoseSpot’s security operations and engineering, building and leading a team focused on monitoring, preventing, detecting, analyzing, and responding to cybersecurity threats 

• Provide cybersecurity leadership and management to a team of Security Engineers, who are responsible for hunting, detecting, and responding to internal and external threats

• Implement and manage security incident response procedures and playbooks, including investigation, containment, and resolution of security incidents

• Oversee the design, implementation, maintenance, and day-to-day management of security systems, including EDR solutions, Security Information and Event Management (SIEM) systems, vulnerability management systems, and email security systems, and others

• Responsible for proactively managing relationship with Managed Security Services Provider (MSSP) 

• Manage daily security operations, including incident ticketing, workflow management, and metrics reporting, leveraging SIEM systems or other security automation tools to streamline processes and enhance efficiency

• Define operational metrics, key performance indicators, and service level objectives to assure the team achieves operational excellence across Security Operations, engineering, and Incident Management and Response

• Assist with Governance, Risk & Compliance duties including conducting regular risk assessments and implement mitigation strategies to minimize security risks

• Lead incident response efforts, conducting thorough remediation and root cause analysis

• Develop and maintain security incident response plans, including coordination with internal stakeholders and external partners, including law enforcement

Qualifications:  

• Education: 

  • Bachelor's degree in the field of computer security, information technology, computer science or related field 

  • Certifications in CISSP, CEH, GIAC, ISSAP, CISM or other relevant security-focused certifications preferred, but not required 

• Experience:

  • 5+ years of work experience in Security Operations, Incident Response, and Investigations, including 2+ years of proven hands-on technical management and leadership experience of security engineers and analysts 

  • Extensive experience in designing and implementing security infrastructure, including firewalls, IDS/IPS, SIEM, EDR/XDR, CSPM, ASM, firewalls, etc. 

  • Familiarity with cloud security principles and technologies (e.g., AWS, Azure, Google Cloud Platform) 

  • Broad knowledge across the security, insider threat, risk management and compliance domains. 

  • Familiar with security controls or concepts related to various security community groups or standards: CISSP Domains, NIST cybersecurity & privacy frameworks, CIS benchmarks, and OSI model. 

• Competencies: 

  • Ability to coach, lead and motivate a team on areas surrounding cyber security best practices, strategic initiatives, and career development  

  • Ability to present technical issues in a non-technical manner to audiences with varying degrees of technical expertise 

  • Strong written and verbal communication, presentation, and interpersonal skills to effectively exercise tact, discretion, judgment, and diplomacy when interacting with internal and external customers and senior management 

  • Highly motivated self-starter that can manage multiple deliverables independently in a fast-paced environment 

  • Ability to work effectively in a diverse and remote work group to achieve results through team efforts 

You Will Enjoy This Role If:

• You enjoy hands-on execution and efficiently guiding teams through the day-to-day operations, thriving in a coach-player role

• You enjoy managing multiple projects

• You want to deploy, maintain and manage various security solutions

• You have a passion for strategizing and developing security programs

Benefits & Perks: 

🌍Remote work environment with flexible scheduling to encourage work-life balance

✈️Remote Team Offsite 

🌴A generous leave package including flexible time off policy that encourages team members to take time off to relax and recharge; plus 13 paid holidays, paid sick leave, and paid parental leave 

💙100% paid premiums for health insurance for you and your family, plus a company funded FSA & HRA

💰401(k) company Match plus an annual discretionary contribution

💸One-time Workspace Reimbursement to help you optimize your remote workspace 

🔗For more information on our benefits, please visit our benefits page.

DoseSpot is an Equal Employment Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.