[Hiring] Cybersecurity Engineer @DrFirst

Role Description

We're seeking a proactive Cybersecurity Engineer to strengthen our security posture across audit compliance, cloud infrastructure, corporate security support, and AI-driven security initiatives. This role requires deep technical expertise, project management skills, and the ability to collaborate effectively across teams.

Who will love this job

• An Innovator: who thinks outside the box to introduce new methods, ideas, and products
• A Problem solver: who is passionate about using technology to solve complicated problems, and harnessing the power of data to adopt new tactics to enhance efficiency and scalability
• A Team builder: who enjoys coaching developers, product owners and other security team members in understanding security principles; attracting and retaining A-players
• A Trusted advisor: someone with strong leadership acumen who always strives to do better tomorrow than today, and continuously improve DrFirst security program
• A Driver: who works with purpose and passion; someone who will elevate our technical teams through new perspectives, ideas, and solutions
• A Collaborator: who can navigate internal teams together to deliver best in class products contributing to DrFirst’s market share and profitability targets.

What you will work on

• Audit Leadership (25%)
  • Work with cross-org stakeholders to implement and monitor AI-specific controls based on NIST AI 600 and HITRUST AI Certification
  • Lead evidence collection for certified audits using security read-only access to production systems
  • Coordinate with departmental subject matter experts to ensure timely audit completion
  • Apply technical expertise to streamline audit processes and maintain compliance
• Cloud Security & Monitoring (25%)
  • Conduct internal audits of AWS and GCP configurations for security compliance
  • Recommend cloud settings to optimize security and operational efficiency
  • Fine-tune security alerts to minimize false positives and maximize actionable intelligence
• Corporate Security Support (25%)
  • Complete customer security questionnaires promptly and accurately
  • Maintain current knowledge of product security controls and changes
  • Develop and maintain NIST 800-53 control frameworks for proactive customer sharing
  • Execute Vendor Risk Assessments (VRAs) with focus on emerging trends and preferred vendor guidance
• AI Security Program Development (25%)
  • Monitor AI-driven security developments and implementation best practices
  • Understand evolving AI security governance frameworks and compliance requirements
  • Implement AI security monitoring systems and respond to compliance alerts

Qualifications

• Deep expertise in AWS and GCP security configurations
• Strong understanding of NIST 800-53 and security compliance frameworks
• Experience with security monitoring tools and alert management
• Scripting abilities for automation (Python, PowerShell, or similar)
• Exceptional critical thinking and problem-solving skills
• Proven project management experience from concept to implementation
• Strong cross-functional collaboration and influence skills
• Detail-oriented with ability to manage competing priorities
• Professional judgment to focus on high-impact activities

Requirements

• 5+ years in cybersecurity engineering or related field
• Experience with certified security audits (SOC 2, ISO 27001, HITRUST)
• Background in cloud security architecture and monitoring
• Track record of process improvement and automation initiatives

Preferred Qualifications

• Security certifications (CISSP, CCSP, AWS Security, GCP Security)
• Experience with AI/ML security frameworks
• Background in vendor risk assessment processes
• Previous experience in customer-facing security communications

Physical Requirements

• 90% Desk/phone work
• 10% Standing/moving throughout the office

Benefits

• Competitive compensation, with a base salary of $130,000 - $150,000 (Exact compensation may vary based on skills and experience)
• Eligible for Company Performance-based Bonus Program, based on individual and company performance
• Medical, dental, and vision insurance
• 401K eligible after 3 months of employment, with 50% company match up to first 5% of salary contributed to the plan with a 3-year vesting schedule
• HSA for eligible employees enrolled in the HDHP, with a generous company contribution up to $500 for individual coverage and $1000 for family coverage per year
• 100% company-paid short and long-term disability, AD&D, and group life insurance
• Accrued annual paid time off (PTO) of 18 days for the first 3 years of service, increasing thereafter and 7 paid holiday days
• Employee Assistance Program
• Continuing Education funds up to $1500 annually for eligible programs after 1 year of service
• Voluntary benefits including FSA, Hospital indemnity, Accident and Critical Illness insurances