At Shields, we pride ourselves on our culture of inclusion and kindness and the difference we make in patients' lives every day. We are tremendously proud to be certified as a ‘Great Place to Work’ four years in a row. In 2022, we were awarded US Fortune Best Workplaces in Health Care™, Fortune Best Workplaces for Millennials™ & Fortune Best Workplaces for Women™.

Improving lives and elevating performance are at the heart of everything we do. That’s why more health system leaders trust Shields to elevate access, outcomes and growth within specialty pharmacy — delivering value throughout the entire health system. Leveraging our proven Shields Performance Platform – we deliver the financial results that health systems demand and the superior outcomes patients deserve. With the foremost leaders in specialty pharmacy on our team; proven success partnering with more than 70 health systems; and a vested interest in delivering measurable results – we are the partner health systems trust to transform their specialty pharmacy into a powerful growth engine and elevate performance where it matters most.

The Security engineer is a direct report to the Director of IT Infrastructure and Cyber-Security and will have primary responsibility for day-to-day Security operations in both Microsoft and AWS environments.

The role will focus on ensuring that all Shields infrastructure is secure and aligns to industry best practices. The candidate should be able to demonstrate proficiency with DLP, consulting on vulnerability remediation, managing a SOC solution with specific focus on leading proactive security changes within Shields Information Technology team. You will also work closely with the rest of Shields IT team to lead security investigations and identify root cause of security incidents.

The candidate should also have experience with Microsoft 365 security tools and understand AWS security services and best practices.

The role will focus heavily on HIPPA and PHI understanding, including associated security controls.

Responsibilities Include:

• Management and oversight of our Microsoft 365 security solutions
• Establishing and maintaining security standards for each operating system deployed at Shields
• Daily monitoring of security alerts with subsequent investigation and closure of tickets for critical and high events
• Management and oversight of our DLP system, as well as fine tuning policies and responding to tickets for exception requests
• Lead and coordinate cyber security incidents
• Establish and lead the Shields vulnerability management program with emphasis on measurable goals which reflect progress in maturing Shields security posture
• Oversight of endpoint protection with AV deployments and updates
• Experience with microservices and understanding of security alerts that includes malware/phishing, denial of service, unauthorized access, knowledge of security tools that include SIEM, IDS/IPS, log aggregation (SUMO), malware sandboxing, threat hunting, etc.
• Complete client security attestations on an as needed basis
• On call duties required including managing of security alerts from a variety of sources

Previous Experience

• 3+ years of security assessment or audit experience
• Security project consultancy
• Deep understanding of detective and preventive controls
• Applying application security controls
• Understanding of basic DEVOPS principles
• CISSP, CISA, CISM, or related certification
• Strong Information Security Background with relevant domain and tool knowledge
• Understanding of Security Policies, Standard, and Procedures
• Understanding of security frameworks
• Ability to communicate effectively across functional areas
• Experience with AWS Cloud computing
• Experience deploying security policies with Microsoft 365 tenants.
• Associate or Bachelor's degree in Cybersecurity, Computer Science, Information Technology or a related discipline is preferred

California residents employed by or applying for work at Shields have certain privacy rights. Please review our: California Workforce Privacy Notice and Privacy Policy.  

Shields Health Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.