Senior Information Security Associate- Attack Surface Reduction
Remote - MA
athenahealthJoin 140K providers on the largest connected network in healthcare. See how we’re making connections that improve patient outcomes & clinician experiences.
Join us as we work to create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
- Grow your career internally or refer a friend to athenahealth!
Senior Associate (SMTS), Attack Surface Reduction (ASR) team
Mission: Drive athena’s ASR program, functions and goals.
This individual will be recognized as a subject matter expert in the area of information security, have deep experience evaluating, securing and remediating errors and system misconfigurations, weaknesses, vulnerabilities and risk assessments across enterprise internal and external digital environments.
Our target candidate has deep technical security and communication skills. The individual will work closely with the Executive Director of the Threat and Risk Management team in executing a mature vision for how ASR will partner with business technology teams to identify cybersecurity risks and threats, design solutions to protect critical systems, and improve the overall cyber hygiene of our environment. We are targeting a skilled subject matter expert that can continue a strategic vision while pursuing tactical problem-solving, solutioning and hands-on implementation when required.
- Provides technical guidance to senior management, business technology teams and functional organizations across the company.
- Assist in executing a transformation strategy for ASR, that defines the people, process, and technology capabilities needed to improve within the broader NIST Cybersecurity Framework, particularly the “Identify” and “Protect” domains.
- Leverage Tenable One enterprise platform, to include Tenable.io, Tenable.lumin, Tenable.cs, Tenable.asm modules to deliver value for our security team and for stakeholders across the enterprise.
- Supports the ASR Team in analyzing vulnerability scan results, identifying vulnerability patterns, and partnering with business technology teams to define and execute streamlined processes to remediate vulnerable systems across our environment.
- Drives the ASR technology roadmap, defining current and future security platform lifecycles (candidate, POC, deployed, pending decommission) to continuously improve athena’s security controls posture.
- Actively engages the vendor community to understand the market, identify products that can support athena’s mission, conduct proof of concept evaluations, facilitate sourcing processes, and successfully integrate new security technologies.
- Participates in and contributes thought leadership and strategic direction during Information Security leadership team meetings and workshops.
- Supports strategic updates and vision documents, briefings, and reports, and demonstrates excellent communication skills and executive presence in presentations.
Education and Experience:
- Bachelor of Science in Information Security or equivalent experience required; Industry Certs and/or Masters Preferred
- 3+ years of experience with a focus on information security preferred
- Hands-On experience with an enterprise vulnerability platform required, experience with Tenable preferred.
- Experience with other Attack Surface Management tools like JupiterOne/Tenable.asm preferred.
- Excel and PowerBI experience desired.
For candidates located in California, Colorado, New York City, and Westchester County (NY), please visit the following link for pay range information:
New York: https://www.athenahealth.com/salary-range/ny-tech-sr-associate
Have you notified your current manager of your application?
Here’s our vision: To create a thriving ecosystem that delivers accessible, high-quality, and sustainable healthcare for all.
What’s unique about our locations?
From an historic, 19th century arsenal to a converted, landmark power plant, all of athenahealth’s offices were carefully chosen to represent our innovative spirit and promote the most positive and productive work environment for our teams. Our 10 offices across the United States and India — plus numerous remote employees — all work to modernize the healthcare experience, together.
Our company culture might be our best feature.
We don't take ourselves too seriously. But our work? That’s another story. athenahealth develops and implements products and services that support US healthcare: It’s our chance to create healthier futures for ourselves, for our family and friends, for everyone.
Our vibrant and talented employees — or athenistas, as we call ourselves — spark the innovation and passion needed to accomplish our goal. We continue to expand our workforce with amazing people who bring diverse backgrounds, experiences, and perspectives at every level, and foster an environment where every athenista feels comfortable bringing their best selves to work.
Our size makes a difference, too: We are small enough that your individual contributions will stand out — but large enough to grow your career with our resources and established business stability.
Giving back is integral to our culture. Our athenaGives platform strives to support food security, expand access to high-quality healthcare for all, and support STEM education to develop providers and technologists who will provide access to high-quality healthcare for all in the future. As part of the evolution of athenahealth’s Corporate Social Responsibility (CSR) program, we’ve selected nonprofit partners that align with our purpose and let us foster long-term partnerships for charitable giving, employee volunteerism, insight sharing, collaboration, and cross-team engagement.
What can we do for you?
Along with health and financial benefits, athenistas enjoy perks specific to each location, including commuter support, employee assistance programs, tuition assistance, employee resource groups, and collaborative workspaces — some offices even welcome dogs.
In addition to our traditional benefits and perks, we sponsor events throughout the year, including book clubs, external speakers, and hackathons. And we provide athenistas with a company culture based on learning, the support of an engaged team, and an inclusive environment where all employees are valued.
We also encourage a better work-life balance for athenistas with our flexibility. While we know in-office collaboration is critical to our vision, we recognize that not all work needs to be done within an office environment, full-time. With consistent communication and digital collaboration tools, athenahealth enables employees to find a balance that feels fulfilling and productive for each individual situation.
athenahealth is committed to a policy of equal employment opportunity—that’s why we recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law. We’re happy to provide a reasonable accommodation, for those with a disability, to complete any part of the application process. If you are unable to access or use this online application process and need an alternative method for applying, please contact us at email@example.com for assistance.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Chief Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Senior Security Architect jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open DoD-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open EDR-related jobs
- Open Splunk-related jobs