Company hidden
3 days ago

Security Operations Engineer (Healthcare)

Work format: hybrid
Employment type: full-time
Grade: middle
English: B2
Country: US

Job description

TL;DR

Security Operations Engineer (Cybersecurity): Defending a healthcare organization by managing detection engineering, incident response, and security stack health, with an emphasis on cloud and AI workloads. Focus on tuning SIEM/EDR detections, automating security workflows with Python/PowerShell, and ensuring HIPAA/SOC 2 compliance.

Location: Hybrid - at least 3 days/week in Dallas, TX offices

Company

A specialty care platform connecting patients with top specialists to deliver high-quality care with significant cost savings for employers.

What you will do

  • Monitor, triage, and investigate alerts across SIEM, EDR, NDR, and DLP platforms.
  • Lead incident response activities including scoping and containment in alignment with NIST SP 800-61r2.
  • Develop and tune detection rules, correlation queries, and behavioral models across the security stack.
  • Build security automation workflows to reduce manual triage using Python, PowerShell, and GitHub Actions.
  • Support vulnerability management operations including Tenable scan management and remediation tracking.
  • Investigate anomalous activity and develop detection logic specific to AI agent infrastructure and LLM-based services.

Requirements

  • 4+ years of experience in a Security Operations Center (SOC) or related security operations role.
  • Hands-on experience with SIEM platforms (Sumo Logic, Splunk, Microsoft Sentinel) and EDR (CrowdStrike Falcon preferred).
  • Scripting proficiency in Python and/or PowerShell for automation and tool integration.
  • Familiarity with cloud security concepts in Azure or AWS and cloud-native log sources.
  • Understanding of compliance-driven security in regulated environments (HIPAA, SOC 2, or HITRUST).
  • Must be based in, or able to work on a hybrid schedule from, Dallas, TX (3 days/week).

Nice to have

  • Experience with AI/agentic system risks, including prompt injection and LLM audit log analysis.
  • Familiarity with NDR platforms (Darktrace) and DLP tools.
  • Certifications such as GCIA, GCIH, CySA+, or SC-200.
  • Experience building CI/CD-integrated security automation via GitHub Actions or Azure DevOps.

Culture & Benefits

  • Comprehensive medical, dental, and vision insurance.
  • 401k with company match.
  • Flexible Time Off and Paid Parental Leave.
  • Short-term and long-term disability and life insurance.
