Senior Corporate Security Engineer

Who We Are:

SmithRx is a rapidly growing, venture-backed Health-Tech company.  Our mission is to disrupt the expensive and inefficient Pharmacy Benefit Management (PBM) sector by building a next-generation drug acquisition platform driven by cutting edge technology, innovative cost saving tools, and best-in-class customer service.  With hundreds of thousands of members onboarded since 2016, SmithRx has a solution that is resonating with clients all across the country.

We pride ourselves for our mission-driven and collaborative culture that inspires our employees to do their best work. We believe that the U.S healthcare system is in need of transformation, and we come to work each day dedicated to making that change a reality. At our core, we are guided by our company values:

• Integrity: Do the right thing. Especially when it’s hard.
• Courage: Embrace the challenge.
• Together: Build bridges and lift up your colleagues.

• Advise on security best practices to IT personnel on design, implementation, and maintenance of  secure systems and networks, including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices.
• Develop, deploy and manage tools to secure and monitor corporate assets including ownership of Endpoint Detection & Response (EDR) and Data Loss Prevention (DLP).
• Review security measures, policies, and procedures to protect systems and networks against unauthorized access, data breaches, and other security incidents from the Legal and Compliance teams. Monitor and analyze security logs and events, and be available to advise  on security incidents in a timely manner.
• Collaborate with cross-functional teams to ensure that security requirements are incorporated into corporate security processes/procedures/measures.
• Provide technical expertise and guidance to IT teams to ensure that security controls are effectively implemented and maintained.
• Stay updated on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture.
• Participate in incident response activities, including investigation, containment, and recovery efforts, as needed. (During business hours: this is not an on-call position.)
• Provide training and awareness programs to educate employees and users about CorpSec security best practices and procedures.

• Strong knowledge of CorpSec principles, best practices, and industry standards, such as CIS Critical Security Controls.
• Hands-on experience with some corporate security tooling, such as firewalls, IDS/IPS, SIEM, DLP, antivirus, vulnerability scanning tools, etc.
• Excellent analytical, problem-solving, and troubleshooting skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.A risk-based approach to prioritization, rather than checkbox ticking
• Experience with identity management: TKTK and current identity management best practices

What SmithRx Offers You: 

• Total Rewards package that includes incentive bonus and stock options
• Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, Life insurance 
• Flexible Spending Benefits 
• Discretionary Time Off 
• 401(k) Retirement Savings Program 
• Commuter Benefits 
• Paid Parental Leave benefits
• Professional development and training opportunities