Staff Security Engineer

Inovalon was founded in 1998 on the belief that technology, and data specifically, would empower the transformation of the entire healthcare ecosystem for the better, improving both outcomes and economics. At Inovalon, we believe that when our customers are successful in their missions, healthcare improves. Therefore, we focus on empowering them with data-driven solutions. And the momentum is building.

Together, as ONE Inovalon, we are a united force delivering solutions that address healthcare’s greatest needs. Through our mission-based culture of inclusion and innovation, our organization brings value not just to our customers, but to the millions of patients and members they serve.

Overview: The Staff Security Engineer is a subject matter expert on vulnerability management, security administration, and security architecture. The Staff Security Engineer provides security expertise across the product engineering lifecycle including security configuration, vulnerability management, security engineering, security architecture, risk assessment, risk management, and security administration. The Staff security engineer is expected to stay current on the security threats, cloud-native services, and security technologies. The successful candidate will perform threat assessments, provide mitigations, develop recommendations, perform hands on activities related to security engineering, vulnerability management, security design reviews, and troubleshooting of security products. The Staff security engineer is expected to collaborate across product teams to drive proactive security by implementing preventive controls in the product delivery pipeline to enhance product security.  

Duties and Responsibilities: 

• Provide technical expertise and direction for the selection and implementation of a diverse suite of product security controls and countermeasures; 

• Provide technical leadership to recommend appropriate information security frameworks, requirements, direction, and system recommendations;  

• Stay abreast of security best practices and technologies, and foster the growth of team members by providing, training, guidance, and mentoring;  

• Perform infrastructure scans, identify vulnerabilities, assess risk, prioritize, and work with stakeholders to remediate the vulnerabilities; 

• Perform validate asset discovery and inventory management, and coordinate network penetration testing; 

• Perform architecture reviews, identify security risks, recommend, and implement mitigations;  

• Review and approve system changes through Change Control Board (CCB) including firewall changes; 

• Research, recommend, and implement effective security controls for cloud-native services;  

• Discover and implement untapped functionality from security tools and services;  

• Maintain security tools and services; 

• Work autonomously and proactively seek out opportunities to build security capabilities across our platforms; 

• Maintain compliance with Inovalon’s policies, procedures, and mission statement; 

• Always adhere to all confidentiality and HIPAA requirements as per Inovalon’s Operating Policies and Procedures with respect to any aspect of the data handled or services rendered in the undertaking of the position; 

• Additional responsibilities as assigned by management; and 

• We reserve the right to change this job description as business needs dictate and will provide notice of such. 

 

Job Requirements: 

• 10+ years of experience in information security across multiple disciplines;  

• 7+ years of experience in security architecture and risk assessments; 

• 7+ years of experience in security system administration (installation, configuration, upgrade, and support); 

• 7+ years of experience in vulnerability and patch management; 

• 5+ years of experience in system hardening using CIS benchmarks or STIGs; 

• 5+ years of experience with firewall, proxy, and other data protection technologies; 

• 5+ years of experience with Windows domain and networking; 

• 5+ years of experience with virtualization technologies; 

• 3+ years of experience with endpoint security management; 

• 3+ year of experience with cloud native technologies (Azure, AWS); 

• Experience with NIST CSF, and MITRE ATT&K frameworks;  

• Required Security certifications: CISSP 

• Preferred certifications: CCNA, CCNP, AWS Cloud, and Azure Cloud. 

 

Education: 

• Required: Bachelor of science or engineering in Computer Science, Cybersecurity, Information Technology, or Management Information Systems. 

 

Physical Demands and Work Environment: 

• Sedentary work (i.e., sitting for long periods of time); 

• Exerting up to 10 pounds of force occasionally and/or negligible amount of force;  

• Frequently or constantly to lift, carry push, pull, or otherwise move objects and repetitive motions; 

• Subject to inside environmental conditions; and 

• Travel for this position will include less than 5% locally, usually for training purposes. 

Inovalon Offers a Competitive Salary and Benefits Package

In addition to the base compensation, this position may be eligible for performance-based incentives.

The actual base pay offered may vary depending on multiple factors including, but not limited to, job-related knowledge/skills, experience, business needs, geographical location, and internal equity.  At Inovalon, it is not typical for an individual to be hired at or near the top end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate.

Inovalon invests in associates to help them stay healthy, save for long-term financial goals, and manage the demands of work and personal commitments. That’s why Inovalon offers a valuable benefits package with a wide range of choices to meet associate needs, which may include health insurance, life insurance, company-paid disability, 401k, 18+ days of paid time off, and more.

Base Compensation Range$115,200—$165,000 USD

Studies have shown that women and people of color are less likely to apply for jobs unless they believe they meet every one of the qualifications listed in a job description. If you don’t meet every qualification listed but are excited about our mission and the work described, we encourage you to apply regardless.  Inovalon is most interested in finding the best candidate for the job and you may be just the right person for this or other roles.

By embracing diversity, equity and inclusion we enhance our work environment and drive business success. Inovalon strives to reflect the diversity of the communities where we operate and of our clients and everyone whom we serve. We endeavor to create a culture of inclusion in which our associates feel empowered to bring their full, authentic selves to work and pursue their professional goals in an equitable setting. We understand that by fostering this type of culture, and welcoming different perspectives, we generate innovation and growth.

Inovalon is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirement.

The Company maintains a drug free work environment for all of its associates, which includes employees, contractors and vendors. It is unlawful for associates to manufacture, sell, distribute, dispense, possess or use any controlled substance or marijuana in the workplace and doing so will result in disciplinary action, up to and including termination of employment or the contracted relationship.

To review the legal requirements, including all labor law posters, please visit this link