On Site Connecticut - Cybersecurity Engineer

About Our Company

We’re a physician-led, patient-centric network committed to simplifying health care and bringing a more connected kind of care.

Our primary, multispecialty, and urgent care providers serve millions of patients in traditional practices, patients' homes and virtually through VillageMD and our operating companies Village Medical, Village Medical at Home, Summit Health, CityMD, and Starling Physicians.

When you join our team, you become part of a compassionate community of people who work hard every day to make health care better for all. We are innovating value-based care and leveraging integrated applications, population insights and staffing expertise to ensure all patients have access to high-quality, connected care services that provide better outcomes at a reduced total cost of care.

Please Note: We will only contact candidates regarding your applications from one of the following domains: @summithealth.com, @citymd.net, @villagemd.com, @villagemedical.com, @westmedgroup.com, @starlingphysicians.com, or @bmctotalcare.com.

Job DescriptionCybersecurity Engineer

We are seeking a highly skilled and motivated Cybersecurity Engineer to join our team and play a pivotal role in safeguarding our organization's information assets. This role is crucial in designing, implementing, and maintaining robust security solutions across diverse environments, ensuring compliance with regulatory requirements, and proactively mitigating emerging threats. The ideal candidate will possess a deep understanding of modern security principles, hands-on experience with cutting-edge technologies, and a

passion for continuous improvement.

Key Responsibilities:

Security Architecture and Implementation:

Design, deploy, and manage security infrastructure, including but not limited to:

• Identity and Access Management (IAM) systems (e.g., Azure AD, Okta).
• Cloud security platforms (Azure, AWS, GCP).
• Network security devices (Firewalls, IDS/IPS, VPN).
• Endpoint Detection and Response (EDR) and Endpoint Protection Platforms (EPP).
• Security Information and Event Management (SIEM) systems.
• Vulnerability management tools and processes.
• Data Loss prevention (DLP) systems.
• Email security platforms.
• Develop and maintain security configuration standards and best practices.

Security Operations and Incident Response:

• Monitor security systems and analyze security events to detect and respond to incidents.
• Conduct security investigations and perform root cause analysis.
• Manage vulnerability scanning and remediation processes.
• Develop and maintain incident response plans and procedures.
• Perform user provisioning and deprovisioning in line with security policies.
• Manage and automate patch management processes.

Threat Intelligence and Security Awareness:

• Stay abreast of the latest security threats, vulnerabilities, and industry trends.
• Assess and communicate potential security risks to stakeholders.
• Develop and deliver security awareness training and materials.
• Monitor and interpret security advisories and regulatory updates.

Compliance and Governance:

• Ensure compliance with relevant security regulations and standards (e.g., NIST, ISO 27001, GDPR, HIPAA)

• Conduct security audits and assessments.
• Develop and maintain security policies and procedures.
• Produce and maintain security audit documentation.
• Identify and mitigate security risks related to business and end-user activities.

Other Security-Related Duties:

• Perform other security-related duties as assigned to support the organization's overall security posture.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• 5+ years of experience in information security engineering or a related role.
• Strong understanding of modern security principles, frameworks, and best practices.
• Proven experience with Microsoft 365 security.
• Hands-on experience with security tools and technologies, including:
  • EDR/EPP (e.g., CrowdStrike, Defender ATP, Sentinel One).
  • Vulnerability scanners (e.g., Nessus, Qualys).
  • IAM systems (e.g., Azure AD).
  • Firewalls, IDS/IPS, and VPNs.
  • Email security systems (e.g., Barracuda, Mimecast).
  • Experience with Zero Trust networking principles and implementations.
• Excellent problem-solving, analytical, and communication skills.
• Ability to work independently and as part of a team.
• Ability to manage multiple priorities and projects simultaneously.
• Availability to perform off-hours system changes, respond to critical incidents and be in an on-call rotation.
• Authorization to work in the U.S., without the requirement for an employment visa or sponsorship.
• Relevant security certifications (e.g., CISSP, CEH, CompTIA Security+, Azure Security Engineer Associate) are highly desirable.

This is an exempt. The base compensation range for this role is $111,000 - $140,000.  At VillageMD, compensation is based on several factors including but not limited to education, work experience, certifications, location, etc.  The selected candidate will be eligible for a valuable company benefits plan, including health insurance, dental insurance, life insurance, and access to a 401k plan.

About Our Commitment

Total Rewards at VillageMD

Our team members are essential to our mission to reshape healthcare through the power of connection. VillageMD highly values the critical role that health and wellness play in the lives of our team members and their families.  Participation in VillageMD’s benefit platform includes Medical, Dental, Life, Disability, Vision, FSA coverages and a 401k savings plan.

Equal Opportunity Employer

Our Company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to, and does not discriminate on the basis of, race, color, religion, creed, gender/sex, sexual orientation, gender identity and expression (including transgender status), national origin, ancestry, citizenship status, age, disability, genetic information, marital status, pregnancy, military status, veteran status, or any other characteristic protected by applicable federal, state, and local laws.

Safety Disclaimer

Our Company cares about the safety of our employees and applicants. Our Company does not use chat rooms for job searches or communications. Our Company will never request personal information via informal chat platforms or unsecure email. Our Company will never ask for money or an exchange of money, banking or other personal information prior to the in-person interview. Be aware of potential scams while job seeking. Interviews are conducted at select Our Company locations during regular business hours only. For information on job scams, visit, https://www.consumer.ftc.gov/JobScams or file a complaint at https://www.ftccomplaintassistant.gov/.