Spire Orthopedic Partners · 15 hours ago
Lead Senior Information Security Engineer
Stamford, CT
Full-time
Hybrid
Senior Level, Lead/Staff
7+ years expSpire Orthopedic Partners is a growing national partnership of orthopedic practices that provides support and operational resources to physicians. The Lead Senior Information Security Engineer is responsible for designing, implementing, and operating technical safeguards across a multi-site healthcare platform, ensuring compliance with healthcare regulations like HIPAA while defending against cyber threats.
Health CareHospitalPersonal Health
Responsibilities
Design and implement enterprise security controls across Azure and SaaS environments, focusing on Entra ID/Azure AD, MFA, SSO, and privileged access
Administer endpoint protection (EDR/XDR), encryption, and patching
Conduct security architecture reviews and maintain the infrastructure security architecture to address evolving threats
Build, maintain, and evaluate security monitoring tools (e.g., SIEM, Microsoft Defender suite, Sentinel) to ensure they reflect organizational needs
Develop and maintain automation scripts (PowerShell, Python, or Logic Apps) to streamline security workflows and threat response
Lead internal processes to ensure adherence to HIPAA/HITECH, PCI, SOX, and HITRUST
Perform risk assessments by documenting asset profiles, evaluating threats, and identifying mitigating controls
Lead security evaluations for key vendors and potential corporate acquisitions, facilitating the integration of new practices into the security stack
Act as the subject matter expert (SME) for creating and maintaining corporate security policies, standards, and procedures based on frameworks like NIST CSF or ISO 27000
Lead efforts in detecting, analyzing, and escalating security-related events
Collaborate with IT stakeholders to control, remediate, and recover from security incidents or breaches
Perform vulnerability assessments across various technologies and develop comprehensive mitigation strategies
Proactively hunt for threats using internal logs and external intelligence to identify risks before they result in a breach
Lead the development and implementation of the security awareness training program, including LMS modules, newsletters, and presentations
Work independently and across departments (IT, clinical, and business leadership) to embed security best practices into all initiatives
Provide technical mentorship and guidance to junior IT staff and engineers to foster a security-first mindset across the organization
Qualification
Required
Bachelor's degree in Information Technology, Cybersecurity, or a related field
7+ years as an information security professional with expertise in security architecture, IAM, data protection, and incident response
Advanced experience with Microsoft technologies (Azure, M365, Defender, Sentinel) and physical/cloud infrastructure protocols
Deep understanding of HIPAA/HITECH and healthcare industry standards
Strong analytical, problem-solving, and project prioritization abilities with excellent English written and oral communication skills
Preferred
CISSP (highly preferred), CISM, Security+, or AZ-500 preferred
Previous experience in healthcare or clinical system environments preferred
Experience supporting multi-site or acquisitive organizations preferred
Benefits
Excellent growth and advancement opportunities
Dynamic environment
Access to a diverse network of practitioners
Broad infrastructure of tools and programs to enhance the employee experience
Competitive Compensation
Generous PTO
Benefits package: health, dental, vision, 401(k), etc.
Company
Spire Orthopedic Partners
Spire Orthopedic Partners provides capital and management services to orthopedic and spine physicians.
1001-5000 employees
Funding
Current Stage
Late StageTotal Funding
unknownKey Investors
Kohlberg & Company
2019-07-08Private Equity
Leadership Team
Christopher Fusco
Chief Executive Officer
Leigh Herzog
Chief Operating Officer
Recent News
2026-01-16
2025-09-29
Company data provided by crunchbase