Senior Security Engineer - Revo Health

A Senior Security Engineer is responsible for the design implementation and maintenance of robust security solutions to protect information systems and assets. This role requires extensive expertise in identifying analyzing and mitigating security threats collaborating across departments and leading initiatives to strengthen the overall security posture. This role plays a pivotal role in shaping security strategies mentoring junior staff and ensuring compliance with industry standards and regulations.

This is a full-time position working M-F between the hours of 8:00 am - 5:00 pm out of our Corporate Office in Bloomington MN.

Revo Health is a professional services company that partners with multiple healthcare groups to deliver exceptional patient care. This position will be employed through Revo Health working closely with Infinite Health Collaborative (i-Health) and its operating divisions.

Essential Functions:

• Security Architecture & Design: Develop review and enhance security architectures for applications networks and systems. Create secure-by-design solutions that anticipate evolving threats and business requirements.
• Threat Analysis & Risk Management: Conduct comprehensive security risk assessments. Identify vulnerabilities evaluate threats and recommend appropriate countermeasures. Prioritize risks based on business impact and likelihood.
• Incident Response & Investigation: Lead the response to security incidents including detection containment eradication recovery and post-mortem analysis. Collaborate with legal compliance and IT teams to document incidents and implement lessons learned.
• Security Operations: Oversee daily security monitoring log analysis and the maintenance of security tools such as SIEM firewalls IDS/IPS DLP and endpoint protection platforms. Investigate and resolve alerts and anomalous behavior.
• Vulnerability Management: Plan and execute regular vulnerability scans and penetration tests. Lead remediation efforts and validate fixes. Communicate findings and recommendations to both technical and non-technical stakeholders.
• Policy & Compliance: Develop and update security policies standards and procedures. Ensure compliance with laws regulations and industry frameworks (such as ISO 27001 NIST SOC 2 PCI DSS HIPAA or GDPR).
• Security Awareness & Training: Lead the creation and delivery of security awareness programs for staff. Mentor and train junior engineers and other staff on security best practices.
• Collaboration & Leadership: Work closely with cross-functional teams including software development IT operations and executive leadership. Influence security culture and advocate for secure practices throughout the organization.
• Continuous Improvement: Stay abreast of emerging threats vulnerabilities and technologies. Recommend and implement improvements to security processes tools and controls.
• Data Governance: Implement and manage Microsoft Purview solutions to ensure comprehensive data governance across the organization. This includes defining and enforcing policies for data classification retention and access control.
• Third-Party Security: Assess the security posture of vendors and partners. Participate in risk assessments related to third-party relationships.
• Project Management: Lead security projects from conception to completion. Develop project plans track progress and ensure timely delivery of objectives.
• Documentation: Maintain thorough documentation of security architectures controls incidents and compliance activities. Prepare reports and metrics for executives and auditors.

Education and Experience Requirements:

• Bachelors degree or equivalent certifications in Computer Engineering Information Technology or Cybersecurity related field. Equivalent experience may be considered.
• Experience: Minimum of 5-7 years in information security or a related discipline with significant hands-on experience in security engineering roles.
• Certifications: Industry-recognized certifications such as CISSP CISM GIAC OSCP CEH or related credentials are highly desirable.
• Proficiency with security technologies and platforms (e.g. SIEM firewalls IDS/IPS endpoint protection vulnerability scanners EDR/XDR and encryption tools).
• Strong understanding of networking concepts protocols and architectures (TCP/IP DNS VPN VLAN etc.).
• Experience with identity and access management (IAM) multi-factor authentication and privileged access controls.
• Familiarity with automation and scripting languages (Python PowerShell Bash etc.).
• Proficiency with Microsoft Defender and Microsoft Purview.
• Understanding of data privacy principles and regulatory requirements.

Benefits & Compensation:

• Actual starting pay will vary based on education skills and experience.
• We offer a comprehensive Medical Dental & Vision Plan Maternity Bundle 401K with Profit Sharing Tuition Reimbursement Gym & Car Rental Discounts - to learn more clickhere.

Essential Requirements:

Ability to:

• Comply with company policies procedures practices and business ethics guidelines.
• Complete job required training.
• Comply with all applicable laws and regulations (e.g. HIPAA Stark OSHA employment laws etc.)
• Demonstrate prompt and reliable attendance
• Work in the clinic office or surgery center during business hours
• Travel independently throughout the clinic office or surgery center (which may include movement from floor to floor); frequent bending lifting standing stooping or sitting for long periods of time may be required
• Work at an efficient and productive pace handle interruptions appropriately and meet deadlines
• Communicate and interact in a respectful and professional manner
• Prioritize workload while being flexible to meet the expectations of the daily operations
• Apply principles of logical thinking to define problems establish facts and draw valid conclusions
• Understand and execute a variety of instructions
• Effectively operate equipment and communicate on and operate the phone system
• Work independently with minimal supervision
• Travel to other work locations if required

Performance Expectations Revo Healths Core Values:

• Integrity- Do the right thing and take responsibility for what you do and say
• Service- Consistently contribute to deliver an exceptional experience
• Quality - Act with high purpose committed effort and skillful execution to exceed expectations
• Innovation- Identify progressive solutions that improve service teamwork efficiency and/or effectiveness
• Teamwork - Be a part of the whole; support each other positively

Notes:

• Revo Health is an Equal Opportunity/Affirmative Action Employer and will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990 and the ADA Amendments Act of 2008.
• We participate in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program please click here: position description will be reviewed periodically as duties and responsibilities change with business necessity. Essential and Additional Job Functions are subject to modification.