Senior Security Engineer

Location: Remote (For Non-Local) or Hybrid (Local to NYC area or Denver, CO)

Position Summary:

As a senior security engineer, you will help build and manage services that detect and automate the mitigation of cybersecurity threats across Capital Rx infrastructure. You will work with software engineers, DevOps engineers, and other security engineers across multiple teams to develop innovative security solutions.

Position Responsibilities:

• Lead large projects from design to conclusion.
• Drive strategic systemic solutions to solve, remediate, and automate recurring issues.
• Interface with internal partner teams to help drive best practices and cybersecurity compliance.
• Evaluate new software solutions with internal partners.
• Write documentation for end-users as needed to facilitate process improvements.
• Define and execute a roadmap to mature robust security, privacy, and risk management programs.
• Evaluate, identify, and remediate risks associated with current vendors, new vendor acquisitions, and consumer data exchanges.
• Actively participate in SDLC code-to-cloud and cloud-to-code integrations.
• Help run Internal, external and vendor related red-team exercises.
• Conduct security analysis of AWS and deployed software and drive recommendations.
• Identify, maintain, and publish the requirements for the IT department to achieve compliance and privacy standards in SOC 2, HITRUST, FISMA, FedRamp, ISO 27001, and other standards.
• Assist in developing, tracking and report threat intelligence metrics and KPI’s to senior leadership.
• Experience with incident management and defense coordination against emerging cyber threats and critical vulnerabilities.
• Facilitate coordination of annual third-party penetration testing.
• Drive use cases to enable threat detection and hunting based on threat intelligence frameworks.
• Establish and collaborate on the standardization of security practices amongst the development teams.
• Embrace Agile and Scrum practices and concepts.
• Coordinate with the team to ensure security alerts are monitored 24x7 via on-call rotation.
• Provide security consultation to teams across the company.
• Responsible for adherence to the Capital Rx Code of Conduct including reporting of noncompliance.

Required Qualifications:

• Expert level experience related to duties and responsibilities.
• Extensive experience in AWS services related to security engineering.
• Experience in serverless application architecture.
• Python & React/Redux Experience
• Experience writing and updating code via HashiCorp Terraform.
• Extensive experience with DLP, SIEM, and cloud security vendors and services.
• A customer-oriented approach to problem resolution.
• Extensive experience leading security investigations, penetration testing, and/or incident response procedures.
• Experience managing IT control auditing and compliance.
• Experience with Slack, Okta, Zoom, Teams, MDM, OneDrive, Lacework (or similar).
• Excellent written and verbal communication skills
• Highly self-motivated with an ability to work independently.
• Desire to work at a rapidly growing organization.
• Experience supporting remote users in a distributed environment.

Desired Qualifications:

• CISSP
• CCSP
• AWS Security Specialty
• AWS Cloud Practitioner

Base Salary: $150,000 To $170,000

Nothing in this position description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

About Capital Rx

Capital Rx is a full-service pharmacy benefit manager (PBM) and pharmacy benefit administrator (PBA), advancing our nation’s electronic healthcare infrastructure to improve drug price visibility and patient outcomes. As a Certified B Corp™, Capital Rx is executing its mission through the deployment of JUDI®, the company’s cloud-native enterprise health platform, and a Single-Ledger Model™, which increases visibility and reduces variability in drug prices. JUDI connects every aspect of the pharmacy ecosystem in one efficient, scalable platform, servicing millions of members for Medicare, Medicaid, and commercial plans. Together with its clients, Capital Rx is reimagining the administration of pharmacy benefits and rebuilding trust in healthcare.

Capital Rx values a diverse workplace and celebrates the diversity that each employee brings to the table. We are proud to provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, medical condition, genetic information, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

#LI-SE1