Security Engineering Manager

Rx Savings Solutions is seeking a Security Engineering Manager looking for an opportunity to lead and contribute to a rapidly growing company with an awesome and fun-loving culture! The team at Rx Savings Solutions is driven to make a difference in the pharmaceutical industry by exposing cost-savings opportunities to our members. We take pride in knowing the work we do greatly impacts the lives of our customers.
Job Summary:As the Security Engineering Manager, you will build and maintain the security roadmap for RxSS. You will provide strategic guidance and oversight of a team that develops and maintains security solutions for infrastructure and applications running in cloud instances. You'll lead incident response activity and ensure compliance with security best practices.

Responsibilities

• Leads a team of security engineers that research, develop, maintain security solutions for infrastructure and applications running in cloud instances, primarily on Amazon Web Services (AWS).
• Builds and maintains security roadmap for RxSS
• Leads incident response activities, investigations and responses. Responsible for the prevention, detection, investigation and response with respect to security threats and attacks.
• Maintains and develops information policies, procedures and security directives to align business objectives with security objectives.
• Ensures compliance with security best practices using standards like NIST 800-53, ISO 27001, HITRUST CSF and NSCF.
• Leads SOC 2 Type 2 audit and provide evidence that proves RxSS is compliant with HIPAA Security Rule.
• Performs risk assessments including, qualitative and quantitative assessments and provide mitigation strategies for identified risks.
• Manages and responds to security assessments from clients, vendors and partners and perform vendor security management.
• Acquires, configures and maintains security tools utilized at RxSS to improve our security posture as well as manage the relationships with the security vendors
• Provides security awareness training for RxSS employees.
• Oversees the administration of authentication and access controls, including provisioning, changes, and de-provisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Manages hardening, vulnerability management, external pen testing and drive post discovery remediation.
• Audit AWS environment continuously and  identify potential weakness. Provides guidance by developing solutions to reduce the likelihood of exploitation.
• Provides feedback on security during project planning for internal applications and product integrations with partners.
• Stays up to date on information technology and security trends, news and standards.

Education

• Bachelors degree, with an emphasis in computer science or cyber security, OR equivalent experience

Qualifications

• 5+ years of cybersecurity experience of the following:
- Experience with security tools such as SIEM, IDS/IPS, Firewalls, etc.- Experience or knowledge of AWS security tools (VPC, SG, Guard Duty, WAF, etc) and processes- Experience with monitoring tools and application of platforms to detect, remediate, address security vulnerabilities using tools like LimaCharlie, Trend Micro, Mimecast, Lacework, Chronicle Backstory, and Netskope- Experience with configuration management tools like Packer, Ansible and Chef.- Experience with devsecops using CI/CD pipelines.- Experience with security standards like NIST, ISO and ISA
• A minimum of 2 years experience with consulting and training software engineers regarding security best practices
• A minimum of 2 year experience mentoring leading a team of security engineers.

#LI-DM1