Logo
Lirio

Security Engineer

Lirio, Knoxville, Tennessee, United States, 37955


Position Summary

The Security Engineer is responsible for the implementation and operation of the information security systems at Lirio, including the security of the cloud-native implementation of Lirio’s Precision Nudging platform, and the security of its internal business networks. This role partners with Cloud Engineers, Data Engineers, IT and Architecture teams to establish and improve departmental and system security posture. The Security Engineer is a primary contributor to the security operations at Lirio, and also in evaluating, maturing and implementing the security tools and processes to assure Lirio is well-positioned to protect the privacy of the sensitive data being managed within its network.

Essential Duties & Responsibilities

Key contributor to security operations & analysis, including

Monitoring of log and alert streams across the Lirio networks

Security event/alert analysis, investigation and remediation

Prioritizing and remediating CVEs

Performing security access and vendor reviews

Execute internal testing activities, including but not limited to internal scans, phishing campaigns, and internal penetration testing

Key contributor to incident management activities

Strengthen Lirio's security posture by continuously evaluating and maturing security tools such as Defender for Cloud, Defender for Endpoint, Defender for Containers & APIs, Azure Sentinel and Snyk security platform

Continuously improves the level of automation/information in the security tools by creating security playbooks and dashboards in KQL for Azure Sentinel SIEM

Contribute to security architecture reviews of application designs, cloud infrastructure, identifying threats and vulnerabilities to Lirio systems; provide security recommendations and aligning them to GRC risk ranking systems

Implement information security policies, controls and systems adhering to Governance, Risk and Compliance standards

Create and maintain technical documentation around security practices and initiatives, ensuring detailed records of security protocols, tools, processes, and incident responses

Implement and monitor the secure baseline and secure configuration required for production systems at Lirio

Supports risk assessments, including privacy risk assessments, as needed

Supports compliance and security audits as needed through evidence gathering

Deploy and run cloud-based vulnerability scans for internal and external assets

Offensive security & penetration testing experience to drive security posture improvements across the organization

Conduct black box testing, code reviews, automation, threat modeling and research to reduce risk to Lirio microservices and Infrastructure

Qualifications

3-5 years of related experience

Experience configuring, operating and optimizing the Microsoft Defender suite and Azure Sentinel.

Experience with cloud architectures and security, including concepts like microservices, containers, and technologies like Kubernetes and Kafka.

Experience in cybersecurity implementations and operations within the healthcare industry.

Knowledge in modern network architectures, technologies and network security best practices

Knowledge in modern security principles including zero trust, conditional access, defense in depth and attack surface reduction.

Experience writing technical Security documentation.

Experienced in Terraform and Security As Code methodologies.

Experience writing Azure Sentinel Queries with Kusto Query Language (KQL).

Experience supporting GRC adherence from an application security and infrastructure standpoint, codifying controls based on standards like HIPAA HITRUST, SOC2, NIST CSF.

Cloud IaaS security experience.

Secrets management experience with Azure Key vault

Experience analyzing, assessing, and responding to various internet threats; conduct regular security assessments.

General *nix and system administration knowledge

Scripting knowledge for Security testing and API integrations (Python, Bash, Go etc.)

Security Tool Expertise like Microsoft Defender for: Endpoint, for Cloud for Containers, Runtime Security, EDR, Snyk.

Microsoft Intune

Firewalls & Access Control Lists, Web Application Firewalls, building policies and analyzing flows using SIEM, tcpdump, Wireshark

Understanding of containers and microservices architecture (docker, Kubernetes etc.)

Source Code Management: Git, Gradle, Azure Devops

Infrastructure as code: Terraform, CloudFormation, Ansible, Chef, Helm

Written and verbal communication skills, time management skills, comfortable in a fast-paced environment

Collaborative / team oriented, willingness to teach and learn

Ability to quickly learn company terminology and processes

CISSP, CEH, and/or CCSP certifications a plus

Benefits

Medical (HSA available)

Dental

Vision

Short-term & long-term disability (company-paid)

Life & AD&D (company-paid)

401K with company match

10 paid holidays + holiday week company closure

Flexible time off policy

Work from home

Salary range: $135,000-$160,000

#J-18808-Ljbffr