Job description

Job Summary:The Senior Security Engineer is responsible for ensuring the organization's security posture meets and exceeds regulatory compliance requirements while proactively identifying, mitigating, and tracking security risks. This role will work closely with IT, Compliance, HR, and the data team to establish and maintain best-in-class security practices. This position focuses on security operations, risk management, policy development, asset protection, and audit readiness, ensuring IT infrastructure and data remain secure, compliant, and resilient against emerging threats.Essential Duties and Responsibilities:This position must be able to: Security Governance & ComplianceEnsure regulatory compliance (HIPAA, HITRUST, NIST, SOC2) by developing, reviewing, and maintaining security policies and procedures. Track and manage risks in the risk register to ensure timely mitigation and resolution.Work with compliance teams to ensure audit readiness and provide documentation for security assessments.Collaborate with HR to develop and implement security awareness training programs for employees.Security Operations & Infrastructure ProtectionMonitor and maintain security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security, and SIEM platforms.Conduct regular security reviews of IT assets to ensure vulnerability management and compliance tracking are in place.Review and analyze security logs to investigate anomalies and escalate potential threats.Create and maintain security best practices across all IT operations, ensuring all teams follow industry standards. Incident Response & Risk MitigationLead incident response efforts, coordinating with IT, compliance, and HR teams to manage security incidents effectively.Develop and maintain incident response playbooks to ensure swift and standardized action during security events.Proactively identify, track, and mitigate risks related to IT infrastructure, access control, and external threats. Collaboration & Cross-Team Security IntegrationWork closely with the Data & AI team to ensure robust security practices for AI/ML-driven initiatives and automation.Assist in securing third-party integrations, vendor relationships, and cloud-based applications.Collaborate with HR on employee security training and Compliance teams for policy alignment. Security Strategy & Continuous ImprovementStay up to date with emerging threats, security trends, and compliance changes.Continuously assess and improve security posture, infrastructure, and risk management processes.Develop and maintain IT security documentation, including security roadmaps and strategy plans.Education and Experience:Education:Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.7+ years of relevant professional experience in lieu of a degree.Required Experience:5+ years of experience in cybersecurity, security engineering, or SecOps.Preferred Experience:Active security certifications such as CISSP, CISM, CISA, CCSP, or Azure Security Engineer (AZ-500).Familiarity with cloud security best practices, particularly in Azure environments.Experience with security automation (though heavy AI/ML work is deferred to the data team).Prior experience working in healthcare, insurance, or other highly regulated environments.Other Requirements:Annual Flu VaccineKnowledge, Skills, and Abilities:Required Competencies:Expertise in firewalls, IDS/IPS, SIEM tools, vulnerability management, and endpoint security solutions.Strong understanding of compliance frameworks (HIPAA, HITRUST, NIST, SOC2).Experience with risk management and tracking risks through a risk register.Experience developing and enforcing security policies, procedures, and best practices.Ability to review and analyze security logs and proactively address vulnerabilities.Strong communication skills and ability to work cross-functionally with IT, compliance, HR, and data teams.Physical Requirements:Exerting up to 10 pounds of force occasionally (up to 1/3 of the time) and/or a negligible amount of force frequently (1/3 to 2/3 of the time) to lift, carry, push, pull, or otherwise move objects, including the human body.Sedentary work involves sitting most of the time but may involve walking or standing for brief periods of time.Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.ABOUT HEALTHTEAM ADVANTAGEHealthTeam Advantage is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. HealthTeam Advantage (HTA), a Greensboro-based health insurance company, offers Medicare Advantage plans to eligible Medicare beneficiaries in 33 North Carolina counties. HTA has been named a “Best Places to Work” finalist three times by Triad Business Journal. To learn more, visit HealthTeamAdvantage.com

Requirements