Senior Cyber Security Engineer

About Us

TherapyNotes is the go-to superhero for behavioral health Practice Management and EHR software! Our top-notch SaaS solution handles scheduling, billing, documenting, telehealth, and more so clinicians can focus on awesome patient care.

We're a dynamic team of pros who love to innovate and push the envelope, keeping our software cutting-edge. Join us, and let's revolutionize behavioral health software together while making a real difference!

Position Description

TherapyNotes is seeking an experienced and passionate Senior Cyber Security Engineer to join our team of technology enthusiasts. This role blends deep technical execution with strategic influence, requiring hands-on experience across detection and response, vulnerability and risk management, and secure cloud architecture. The ideal candidate will serve as a security thought leader, helping to engineer new solutions, guide secure development practices, and respond to evolving threats—while mentoring junior engineers and collaborating across IT, DevOps, and product teams.

Responsibilities

• Hands-on management of enterprise-wide security tools and platforms including SIEM, DLP, EDR/XDR, and vulnerability management across hybrid environments (cloud and on-prem).
• Monitor security alerts, respond to incidents, and manage escalations.
• Participate in Incident Response on-call rotation.
• Conduct threat analysis, vulnerability assessments, and risk evaluations.
• Manage and secure identities in Microsoft Entra ID through Conditional Access and Entitlement Management.
• Develop and implement strategies for Data Loss Prevention and identify gaps in DLP coverage.
• Stay informed about the latest cyber threats, attack methodologies, and vulnerabilities to ensure TherapyNotes remains resilient against evolving risks.
• Conduct periodic system and network configuration reviews to ensure compliance with security standards.
• Collaborate with developmental teams to ensure security is continuously integrated into the Software Development Lifecycle (SDLC) and CI/CD pipeline.
• Enforce secure coding standards and best practices to minimize vulnerabilities and to protect the confidentiality, integrity, and availability of our customer's data.
• Identify and document cyber risks and manage mitigation, follow up on open security risks, and report issues to leadership.
• Align Zero Trust principles with organizational security goals to ensure secure access to corporate resources, both on-premises and in the cloud.
• Participate in audits and assessments, supporting governance, risk management, and compliance (GRC) efforts.

Required Skills and Experience

• Bachelor's degree in information security, information technology, computer science, or related field preferred. 
• 8+ years of experience in cybersecurity engineering or related role.
• CISSP or equivalent enterprise security certification preferred.
• Extensive experience designing and implementing security controls in cloud environments (preferably Azure and AWS).
• Knowledge of security frameworks (NIST, ISO 27001, CIS) and compliance frameworks (HITRUST, PCI DSS).
• Proven ability to conduct security assessments, vulnerability, management, and incident response.
• Proficiency with network security technologies (firewalls, IDS/IPS, VPNs).
• Strong understanding of OS platforms (Windows, Linux) and endpoint security.
• Deep understanding and experience in managing and securing cloud infrastructure and cloud-based applications.
• Experience with Application Security (OWASP, SAST, DAST).
• Expert in the latest security principles, techniques, and standards.
• Proficiency in various security systems: intrusion detection systems, anti-virus software, identity management systems, log management, content filtering, etc.

Additional Skills

• Network or Systems Engineering background a huge plus!
• Passion for continuous learning and professional development, with a commitment to staying updated and trained on the latest trends and technologies.
• Eagerness to engage in new challenges and adapt quickly.
• Strong work ethic and drive to take ownership of projects and see them through to completion.
• Strong collaboration skills, able to work effectively with cross functional teams.

 Benefits

• Competitive salary - $110,000-$135,000
• Employer sponsored health, dental, vision, life, and disability insurance
• Retirement plan with company contribution
• Annual company profit sharing
• Personal development/training budget
• Open, collaborative work environment
• Extensive 2-week onboarding plan
• Comprehensive mentorship program

Equal Opportunity Employer Statement & Applicant Rights
TherapyNotes LLC is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, national origin, age, disability, genetic information, or any other protected status under federal, state, or local law. We are committed to providing a workplace free of discrimination and harassment. For more information about your rights under federal employment laws, please review the following:

• Know Your Rights: Workplace Discrimination is Illegal
• Family and Medical Leave Act (FMLA): Employee Rights Under FMLA

If you require a reasonable accommodation during the application process, please contact humanresources@therapynotes.com.

#LI-Remote
#LI-PL1
5/30/2025