Cyber Security Engineer (Application Security) @ TherapyNotes, LLC | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Cyber Security Engineer (Application Security) jobs in United States
200+ applicants
company-logo

TherapyNotes, LLC · 6 hours ago

Cyber Security Engineer (Application Security)

positionUnited States
timeFull-time
remoteRemote
seniorityMid, Senior Level
money$90K/yr - $130K/yr
date5+ years exp
ftfMaximize your interview chances
Health CareTherapeutics

Insider Connection @TherapyNotes, LLC

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Hands-on management of all security solutions across the organization: SIEM, DLP, E/XDR, vulnerability management, security awareness
Monitor security alerts, respond to incidents, and manage escalation
Participate in Incident Response on-call rotation
Conduct threat analysis, vulnerability assessments, and risk evaluation
Manage and secure identities in Microsoft Entra ID through Conditional Access and Entitlement Management
Develop and implement strategies for Data Loss Prevention and identify gaps in DLP coverage
Stay informed about the latest cyber threats, attack methodologies, and vulnerabilities to ensure TherapyNotes remains resilient against evolving risk
Conduct periodic system and network configuration reviews to ensure compliance with security standards
Identify and document cyber risks and manage mitigation, follow up on open security risks, and report issues to leadership
Align Zero Trust principles with organizational security goals to ensure secure access to corporate resources, both on-premises and in the cloud
Participate in audits and assessments, supporting governance, risk management, and compliance (GRC) efforts
Collaborate with developmental teams to ensure security is continuously integrated into the Software Development Lifecycle (SDLC) and CI/CD pipeline
Enforce secure coding standards and best practices to minimize vulnerabilities and to protect the confidentiality, integrity, and availability of our customer's data
Perform in-depth security assessments, code reviews, and threat modeling on applications to identify potential vulnerabilities and risk
Ensure application security measures align with healthcare regulations and standards (e.g., HIPAA, HITRUST, and HITECH) and support regular audits
Collaborate with developers to remediate vulnerabilities, providing actionable guidance and ensuring effective patching or mitigation measures
Develop, deploy, and manage security tools and technologies (e.g., SAST, DAST, vulnerability management systems) to automate security testing and scanning processes
Support application security incident response activities, identifying the root cause of security incidents and contributing to resolution strategies
Contribute to security awareness programs for the development teams, focusing on secure coding practices and proactive security measures

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Application SecurityCyber SecurityThreat IntelligenceVulnerability ManagementIncident ResponseHealthcare RegulationsAPI SecuritySecure Coding PracticesCI/CD IntegrationCloud SecurityWindowsLinuxCISSPSSCPHCISPPHL7SASTDASTIntrusion Detection SystemsAnti-virus SoftwareIdentity Management SystemsLog ManagementContent Filtering

Required

Bachelor's degree from an accredited postsecondary institution or program in information security, information technology, computer science, or related field preferred.
5+ years of experience in application security or related role
Strong understanding of healthcare regulations (HIPAA, HITECH, HITRUST) and their impact on application security
Experience working in healthcare or other highly regulated industries
Experience with API security, especially for integrations with other healthcare systems
Familiarity with the unique threat landscape of the healthcare industry, including ransomware and PHI-targeted attacks
Demonstrated experience integrating security in CI/CD pipelines in a SaaS environment
Understanding of secure coding practices for applications that process sensitive data
Proven ability to conduct security assessments, vulnerability management, and incident response
Strong understanding of OS platforms (Windows, Linux) and endpoint security
Deep understanding and experience in managing and securing cloud infrastructure and cloud-based applications
Expert in the latest security principles, techniques, and standards
Proficiency in various security systems: intrusion detection systems, anti-virus software, identity management systems, log management, content filtering, etc.

Preferred

Experience working in healthcare or other highly regulated industries
Familiarity with HL7, or other healthcare data standards
Industry certifications such as CISSP, SSCP or Healthcare-specific security certifications (e.g., HCISPP)
Prior experience securing cloud environments (Azure, AWS)

Benefits

Employer sponsored health, dental, vision, life, and disability insurance
Retirement plan with company contribution
Annual company profit sharing
Personal development/training budget
Open, collaborative work environment
Extensive 2-week onboarding plan
Comprehensive mentorship program

Company

TherapyNotes, LLC

twittertwittertwitter
company-logo
TherapyNotes® is an online practice management system for behavioral health, featuring robust notes, scheduling, and billing features.
dateFounded in 2010
location
Horsham, Pennsylvania, USA
people-size201-500 employees
web-link
https://www.therapynotes.com/

Funding

Current Stage
Growth Stage

Leadership Team

B
Brad Pliner
CEO
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot