Senior Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Eventus WholeHealth · 3 hours ago

Senior Security Engineer

positionConcord, NC
timeFull-time
remoteHybrid
senioritySenior Level
date7+ years exp

Eventus WholeHealth is seeking a Senior Security Engineer to enhance their IT security framework. The role involves designing, implementing, and managing secure identity and access controls, as well as monitoring and responding to security incidents across various platforms.

Health CareNursing and Residential CareSkill Assessment
check
H1B Sponsor Likelynote

Responsibilities

Design, implement, and operate secure identity and access controls across Microsoft Entra, Microsoft 365, and integrated SaaS platforms, with a strong emphasis on conditional access, multifactor authentication, least privilege, and privileged identity management
Administer and optimize endpoint detection and response (EDR) and managed threat detection tools, including Microsoft Defender and Huntress
Implement and manage secure access and network security solutions, including Zscaler
Monitor, investigate, and respond to security alerts, incidents, and vulnerabilities across endpoints, identities, networks, and cloud workloads
Perform threat hunting, root-cause analysis, and remediation of security events, with an emphasis on preventing recurrence through improved controls and configuration
Secure both human and non-human identities, including service accounts, integrations, and application access, ensuring appropriate lifecycle management
Manage device security posture for Windows and mobile devices using Intune and security baselines
Secure cloud environments in Azure and AWS by implementing identity-centric controls, network segmentation, logging, and secure configuration baselines, and by continuously assessing cloud security posture
Design and maintain secure system and security tool configurations, and implement changes through approved workflows to ensure traceability, reliability, and investigative readiness
Contribute to the design and maturation of the security program, including security architecture patterns, standards, procedures, and technical controls, in partnership with Security, IT, and Compliance leadership
Support healthcare regulatory and compliance requirements (e.g., HIPAA, HITRUST)
Ensure compliance with all federal, state, and local laws, regulations, standards, guidelines, and Eventus WholeHealth policies and procedures pertaining to the job
Remain informed of any changes to federal, state, and local laws, regulations, standards, guidelines, and Eventus WholeHealth policies and procedures that impact the job and the company
Promptly report any non-compliant conduct and/or practices to Eventus WholeHealth’s Chief Compliance and Risk Officer
Ensure adherence to Eventus WholeHealth's Code of Ethics and Business Conduct
Perform the job duties with integrity and professionalism
Promptly report any unethical conduct and/or practices to Eventus WholeHealth’s Chief Compliance and Risk Officer
Strictly protect patient information in accordance with all federal and state privacy laws and Eventus WholeHealth policies and procedures
Promptly report any violations of federal and state privacy laws and Eventus WholeHealth policies and procedures to Eventus WholeHealth’s Chief Compliance and Risk Officer
Maintain accurate and complete documentation when performing the job duties
Ensure that all Eventus WholeHealth information, data, documentation, and records are always safeguarded and maintained confidentially
Participate in all assigned training
Complete all assigned training by the deadline for completion
Engage in regular risk assessments to identify potential risks and work proactively with a supervisor and Eventus WholeHealth’s Chief Compliance and Risk Officer to mitigate any identified risks
Promptly report any incidents (as defined in the 'Incident Report Policy') to the Chief Compliance and Risk Officer

Qualification

IT security experienceMicrosoft Security certificationsMicrosoft 365 securitySecurity engineering principlesNetwork security conceptsEndpoint security solutionsAzure security fundamentalsIncident response knowledgeThreat modelingHealthcare compliance

Required

7-10 years of experience in IT security, security engineering, or a related role
Strong hands-on experience with Microsoft 365 security, including Entra ID, Defender, Purview, and Intune
Familiarity with network security concepts and tools, including secure web gateways and zero trust architectures (e.g., Zscaler)
Experience with endpoint security, EDR, and MDR solutions (e.g., Huntress, Crowdstrike, etc.)
Working knowledge of Azure or AWS security fundamentals
Strong understanding of security engineering principles, including defense-in-depth, identity-first security, least privilege, and zero trust architectures
Experience designing and operating security controls in regulated or privacy-sensitive environments, preferably healthcare
Working knowledge of incident response, forensic investigation support, and root-cause analysis
Ability to reason about threat models, attack paths, and control effectiveness rather than relying solely on tools
Design, implement, and operate secure identity and access controls across Microsoft Entra, Microsoft 365, and integrated SaaS platforms, with a strong emphasis on conditional access, multifactor authentication, least privilege, and privileged identity management
Administer and optimize endpoint detection and response (EDR) and managed threat detection tools, including Microsoft Defender and Huntress
Implement and manage secure access and network security solutions, including Zscaler
Monitor, investigate, and respond to security alerts, incidents, and vulnerabilities across endpoints, identities, networks, and cloud workloads
Perform threat hunting, root-cause analysis, and remediation of security events, with an emphasis on preventing recurrence through improved controls and configuration
Secure both human and non-human identities, including service accounts, integrations, and application access, ensuring appropriate lifecycle management
Manage device security posture for Windows and mobile devices using Intune and security baselines
Secure cloud environments in Azure and AWS by implementing identity-centric controls, network segmentation, logging, and secure configuration baselines, and by continuously assessing cloud security posture
Design and maintain secure system and security tool configurations, and implement changes through approved workflows to ensure traceability, reliability, and investigative readiness
Contribute to the design and maturation of the security program, including security architecture patterns, standards, procedures, and technical controls, in partnership with Security, IT, and Compliance leadership
Support healthcare regulatory and compliance requirements (e.g., HIPAA, HITRUST)
Ensure compliance with all federal, state, and local laws, regulations, standards, guidelines, and Eventus WholeHealth policies and procedures pertaining to the job
Remain informed of any changes to federal, state, and local laws, regulations, standards, guidelines, and Eventus WholeHealth policies and procedures that impact the job and the company
Promptly report any non-compliant conduct and/or practices to Eventus WholeHealth's Chief Compliance and Risk Officer
Ensure adherence to Eventus WholeHealth's Code of Ethics and Business Conduct
Perform the job duties with integrity and professionalism
Promptly report any unethical conduct and/or practices to Eventus WholeHealth's Chief Compliance and Risk Officer
Strictly protect patient information in accordance with all federal and state privacy laws and Eventus WholeHealth policies and procedures
Promptly report any violations of federal and state privacy laws and Eventus WholeHealth policies and procedures to Eventus WholeHealth's Chief Compliance and Risk Officer
Maintain accurate and complete documentation when performing the job duties
Ensure that all Eventus WholeHealth information, data, documentation, and records are always safeguarded and maintained confidentially
Participate in all assigned training
Complete all assigned training by the deadline for completion
Engage in regular risk assessments to identify potential risks and work proactively with a supervisor and Eventus WholeHealth's Chief Compliance and Risk Officer to mitigate any identified risks
Promptly report any incidents (as defined in the 'Incident Report Policy') to the Chief Compliance and Risk Officer

Preferred

Bachelor's degree in computer science, Information Technology, or related field
Relevant security certifications such as Microsoft Security certifications (SC-200, SC-300, SC-400, AZ-500), CompTIA Security certifications (Security+, CySA+, CASP+, etc), or similar

Company

Eventus WholeHealth

twittertwitter
company-logo
Eventus wholehealth provide physician-led healthcare services for residents and patients of skilled nursing and assisted living facilities.
dateFounded in 2014
location
Charlotte, North Carolina, USA
people-size501-1000 employees
web-link
https://www.eventuswholehealth.com/

H1B Sponsorship

Eventus WholeHealth has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2021 (3)

Funding

Current Stage
Late Stage
Total Funding
unknown
Key Investors
Enhanced Healthcare Partners
2021-01-13Debt Financing
2019-01-09Private Equity

Leadership Team

leader-logo
Brent King
Chief Executive Officer
linkedin
C
Cary Trainor
Chief Operating Officer
linkedin

Recent News

Business Wire
Eventus WholeHealth Announces Leadership Appointments to Accelerate Growth and Advance Integrated Care
2025-09-09
Charlotte-area companies in running for CBJ's Fast 50 Awards program
2024-10-25
Newswire
Eventus WholeHealth Announces Acquisition of Premier Geriatric Solutions
2024-05-04
Company data provided by crunchbase