SENIOR SECURITY ENGINEER
$155,563–$179,712 year
Hybrid · Daly City, California, United States
Job Summary
Senior Security Engineer leads the design, implementation, and governance of NEMS enterprise security architecture across clinic sites, data centers, and cloud infrastructure in a hybrid multi-site environment. Responsible for Zero-Trust alignment, IAM governance, MFA/PAM policies, quarterly IAM audits, endpoint management across 2,500+ endpoints, security patching, EDR deployments, network access controls, policy development under NIST/HIPAA/HITECH, SOC coordination, incident response frameworks, and regulatory audit readiness. Acts as primary technical liaison with external security vendors and internal teams, mentors junior staff, and maintains ongoing threat and compliance posture.
Required Qualifications
- Bachelor's Degree in Cybersecurity, Computer Science, Information Technology, Information Security, or a related STEM field required.
- Equivalent combination of 8+ years of directly relevant security engineering and IAM experience may be substituted for degree requirement.
- Certified Information Systems Security Professional (CISSP) is required.
- Minimum 5 years of enterprise security engineering experience including architecture design, security policy governance, hands-on technical implementation, and demonstrated security leadership owning outcomes across infrastructure, applications, and networks.
- Minimum 3 years of hands-on experience in each of the following: designing and implementing identity and access management; designing and implementing endpoint detection and response solutions; developing and maintaining security policies aligned to NIST or ISO 27001 frameworks; and coordinating with external security vendors, SOCs, and managed security service providers.
- Demonstrated experience conducting security risk assessments, vulnerability management, and threat analysis.
- Demonstrated experience with incident response coordination, root cause analysis, and post-incident reviews.
- Demonstrated experience with healthcare compliance frameworks including HIPAA Security Rule and HITECH requirements.
- Experience in healthcare information technology or Federally Qualified Health Center (FQHC) environments preferred.
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.