Security Engineer

Security Engineer

OnMed's purpose is to improve the quality of life and sense of wellbeing in communities by transforming how people access care. OnMed is defining a new standard in healthcare—combining the scalability of telehealth with the comprehensive diagnostics of one-to-one care. The OnMed CareStation, an 8x11 Clinic-in-a-Box, delivers real-time, personalized support where and when it's needed most. This is a groundbreaking healthcare company redefining access, making high-quality care available to everyone, everywhere.

You are a skilled and proactive Security Engineer with a passion for protecting digital environments and ensuring the integrity of cloud-native applications, local networks, and physical infrastructure. You stay current with emerging security threats and technologies, and you're eager to contribute to a growing organization where your work directly impacts the safety and resilience of our systems. You thrive in collaborative environments and are comfortable working across teams and with external partners to uphold security standards and compliance.

Role's Responsibilities:

• Supporting the development and implementation of security protocols to protect OnMed's data, infrastructure, networks, and facilities.
• Assisting in the configuration and management of monitoring and alerting tools to proactively detect and respond to threats.
• Collaborating cross-functionally to ensure platforms comply with OnMed's security policies and infrastructure.
• Managing access controls for digital systems and physical facilities.
• Maintain and continuously improve SOC 2 control frameworks.
• Work closely with external auditors and internal stakeholders to ensure evidence collection and policy adherence.
• Monitor control effectiveness and support remediation efforts where needed.
• Review and respond to security questionnaires from vendors and customers.
• Conduct security due diligence on third-party tools and service providers.
• Track and maintain documentation for vendor risk assessments.
• Lead triage, investigation, and mitigation of security incidents.
• Coordinate with relevant teams to ensure timely containment and recovery.
• Conduct root cause analysis and recommend improvements to prevent recurrence.
• Collaborate with IT and engineering to implement and manage security tools (SIEM, EDR, etc.).
• Monitor infrastructure and application logs for threats and anomalies.
• Automate security checks and integrate security into CI/CD pipelines as needed.
• Assist in the development and enforcement of security policies and procedures.
• Support employee security training and awareness initiatives.
• Assisting in the implementation of Zero Trust protocols across OnMed platforms.
• Leveraging automation to monitor, alert, and resolve security incidents.
• Helping maintain compliance with SOC 2 and HITRUST standards and contributing to formal reporting efforts. Participating in regular risk assessments and internal audits.
• Supporting physical security operations, including access control and video surveillance audits.
• Performing other related role's responsibilities as assigned.