Senior Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Abarca Health · 11 hours ago

Senior Security Engineer

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date6+ years exp

Abarca is igniting a revolution in healthcare, redefining pharmacy benefits through smarter technology. As a Senior Security Engineer, you will enhance cloud and infrastructure security capabilities while protecting sensitive data, collaborating with various teams to implement security strategies and incident response protocols.

Health CareInformation Technology
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Own and drive security engineering initiatives that improve cloud and infrastructure security, including standards, guardrails, and technical controls
Design, implement, and continuously improve security controls across Azure (primary) and supporting services (e.g., Entra ID, Azure Policy, Defender for Cloud, Log Analytics/SIEM as applicable)
Engineer and operationalize identity and access governance controls (RBAC, Conditional Access, privileged access workflows, and access logging) in partnership with other teams
Build and mature detection and response capabilities: tune alerts, improve signal quality, and contribute to playbooks and automation for common security events
Lead technical incident response activities: triage, scope, containment, eradication, recovery, and post-incident corrective actions and lessons learned
Own the technical execution of vulnerability lifecycle management (scanning, triage, prioritization, remediation coordination, and verification) and drive measurable reductions in risk and remediation timelines
Perform security gap assessments; translate findings into actionable remediation plans; and partner with stakeholders to implement durable fixes
Partner with Engineering teams to embed security into delivery processes (secure configuration patterns, CI/CD security checks where applicable, and security reviews for new services and changes)
Support audit and compliance readiness by implementing and validating technical controls aligned to NIST 800-53 and HITRUST, and by producing technical evidence and remediation documentation
Document and maintain security standards, playbooks, and procedures; mentor peers and junior team members; and serve as an escalation point for complex security issues
Continuously monitor emerging threats, security advisories, and cloud platform changes; recommend and implement improvements
Perform other duties and special projects as assigned

Qualification

Cloud securityIdentityAccess managementIncident responseVulnerability managementNIST 800-53HITRUSTSecurity certificationsHealthcare experienceLinux hardeningInfrastructure-as-codeAutomationCommunication

Required

Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent relevant experience)
6+ years of experience in security engineering, infrastructure security, or cloud security
Hands-on experience securing cloud environments (identity, governance, monitoring, and secure configuration patterns)
Strong understanding of identity and access management concepts (RBAC, MFA, privileged access, logging, and least privilege)
Experience leading or materially contributing to incident response and post-incident improvements
Experience managing vulnerability lifecycle activities end-to-end in a cloud environment and partnering with other teams to remediate findings
Experience operating in regulated environments and supporting audits (e.g., HIPAA, SOC 2)
Excellent oral and written communication skills
Availability to work rotating or irregular shifts, including after-hours on-call support, as dictated by operational needs

Preferred

Experience with cloud security tooling such as Microsoft Defender for Cloud, SIEM/SOAR platforms, EDR solutions, CSPM tools, and vulnerability management platforms
Experience with infrastructure-as-code and automation (e.g., Terraform/Bicep, PowerShell/Python) and integrating security checks into CI/CD pipelines
Experience with Linux hardening and container/Kubernetes security concepts
Healthcare or fintech experience with strong control and evidence requirements
Familiarity with NIST 800-53 and HITRUST
Security-related certifications (e.g., CISSP, CCSP, CISM, Security+, AZ-500, or equivalent)

Company

Abarca Health

twittertwittertwitter
Glassdoor3.3
company-logo
Abarca Health is an information technology company that offers healthcare IT services
dateFounded in 2005
location
San Juan, NA - Puerto Rico, PRI
people-size501-1000 employees
web-link
http://abarcahealth.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Adriana Ramirez
President & COO
linkedin

Recent News

PR Newswire
Abarca Unveils Better Balance and Better Access: Two Bold Moves to Redefine Pharmacy Benefit Management for a New Era of Care
2025-12-16
News is my Business
Study: Puerto Rico startups surge despite capital limits
2025-10-31
News is my Business
Endeavor hosts first-ever ‘Meeting of the Americas’ in San Juan
2025-03-27
Company data provided by crunchbase