Senior Security Engineer
🇺🇸 United States
Management
Python
Kubernetes
AWS
Azure
Terraform
Finance
Machine Learning
Design
Legal
Cybersecurity
Devops
Testing
Security Engineer
Senior Security Engineer
from 🇺🇸 United States
About Medical Guardian:Â
Medical Guardian is a fast-growing digital health and safety company on a mission to help people live a life without limits. With 13 consecutive years on the Inc. 5000 list of Fastest Growing Companies, we’re redefining what it means to age confidently and independently.Â
We support over 625,000 members nationwide with life-saving emergency response systems and remote patient monitoring solutions. Trusted by families, healthcare providers, and care managers, our work is powered by a culture of innovation, compassion, and purpose.Â
Position Summary:
We are seeking a highly skilled and strategicSenior Security Engineer to strengthen and mature our enterprise security capabilities as part of the broader IT Operations organization. This role is responsible for securing cloud infrastructure, AI platforms, applications, endpoints, identity systems, and core operational environments.Â
The Senior Security Engineer will work closely with Infrastructure, Engineering, Compliance, QA, IT Operations, and external security service providers to proactively reduce risk while enabling business growth. This position reports directly to the Head of Infrastructure and Information Security, with a dotted-line reporting relationship to the CISO for strategic alignment, governance oversight, and security program direction.Â
This role serves as the primary technical lead for security incident response, responsible for coordinating internal response teams, activating third-party incident response partners when required, and leading containment and recovery efforts during active security events. The position requires the ability to respond to and manage security incidents outside of standard business hours when necessary.Â
This is a hands-on senior engineering role with architectural ownership, external partner oversight, and mentorship responsibilities.
Key Responsibilities:
Security Architecture and EngineeringÂ
- Design and implement secure architecture patterns across Azure and AWS cloud environments, as well as on-prem and hybrid infrastructuresÂ
- Lead security design reviews for infrastructure and application initiativesÂ
- Engineer and optimize enterprise security controls across endpoint protection, threat detection and response, network security, email security, data protection, cloud access governance, and privileged access managementÂ
- Define and implement Zero Trust principlesÂ
Cloud Security, Azure FocusedÂ
- Harden Azure security posture including Entra ID governance, RBAC design, Conditional Access, PIM, Defender for Cloud, Defender for Cloud Apps, and Private Link architectureÂ
- Implement and manage cloud posture management and cloud workload protection capabilities, including CSPM and CNAPP toolingÂ
- Secure Kubernetes and containerized workloadsÂ
- Automate security guardrails using infrastructure as code such as Terraform, Bicep, and CloudFormationÂ
- Implement enterprise data classification, DLP, encryption, and tenant-level controls across Microsoft 365 and Azure to prevent data exfiltration and unauthorized AI service accessÂ
AI and Emerging Technology SecurityÂ
- Design, implement, and enforce security controls for enterprise AI platforms including Azure OpenAI, Microsoft Copilot, Azure Machine Learning, and related AI servicesÂ
- Secure AI model training data, inference endpoints, APIs, and service principals while enforcing governance controls to prevent exposure of sensitive or regulated dataÂ
- Develop guardrails to detect and prevent shadow AI adoptionÂ
- Evaluate third-party AI tools for security, privacy, and data residency risksÂ
- Partner with Legal and Compliance teams to support responsible AI governance and regulatory requirementsÂ
Application SecurityÂ
- Partner with DevOps and Engineering teams to integrate automated application security testing, including static analysis, dynamic testing, and secret detection, into CI and CD pipelines prior to deploymentÂ
- Perform threat modeling and architecture risk assessmentsÂ
Threat Detection and Incident ResponseÂ
- Serve as incident response lead for security events, coordinating internal response teams and activating third-party incident response partners as neededÂ
- Lead containment, eradication, and recovery efforts during security incidentsÂ
- Enhance detection engineering use cases within SIEM and develop automated response playbooksÂ
- Lead post-incident reviews and root cause analysisÂ
- Lead and facilitate regular incident response tabletop exercises and coordinated response simulations to validate detection, escalation, and cross-functional readinessÂ
Vulnerability ManagementÂ
- Oversee enterprise vulnerability management including scanning, risk-based prioritization, and remediation trackingÂ
- Develop metrics and reporting for executive visibilityÂ
Compliance and RiskÂ
- Support regulatory requirements including HIPAA, HITRUST, SOC 2, and PCI-DSS as applicableÂ
- Assist with audits and evidence collectionÂ
- Develop and maintain security policies and standardsÂ
- Perform third-party risk assessmentsÂ
Security Operations and External Partner ManagementÂ
- Oversee MDR detection coverage, alert tuning, escalation workflows, service level adherence, and integration of logging and telemetry between internal systems and third-party providersÂ
- Collaborate with the MSP on infrastructure security hardening, patching strategy, endpoint protection, and configuration managementÂ
- Drive continuous improvement through regular performance reviews and security posture assessments with external partnersÂ
Leadership and MentorshipÂ
- Provide technical guidance and drive security best practices across IT and Engineering initiativesÂ
- Serve as escalation point for complex security issuesÂ
Required QualificationsÂ
- Must be legally authorized to work in the United States without the need for employer sponsorship now or in the futureÂ
- 5Â or more years of progressive experience in cybersecurity engineeringÂ
- Strong experience in Azure security architecture and hands-on implementation of controls including Entra ID, Conditional Access, PIM, Defender for Cloud, and Private EndpointsÂ
- Deep understanding of network security, identity and access architecture, endpoint protection, and security monitoring and detection engineering principlesÂ
- Experience securing AI and ML platforms or cloud-native AI servicesÂ
- Experience implementing enterprise data protection controls including DLP, Purview, labeling, encryption, and key managementÂ
- Experience with infrastructure as code and automation using Python, PowerShell, Terraform, Bicep, or similar toolsÂ
- Experience securing CI and CD pipelines and containerized environmentsÂ
- Strong knowledge of security frameworks including NIST, CIS, and ISO 27001Â
- Experience managing third-party security operations relationships and holding vendors accountable to defined service levelsÂ
Preferred QualificationsÂ
- Experience in regulated industries such as healthcareÂ
- Experience implementing Zero Trust architecturesÂ
- Security certifications such as CISSP or CCSP strongly preferred. Azure security certifications including AZ-500 highly valued. GIAC certifications such as GCED or GCIA and OSCP are considered a plus.Â
Work Environment & Requirements:Â
- Hybrid work model with on-site presence required two days per week at the Philadelphia locationÂ
- Serve as the primary incident response lead, including availability outside standard business hours to coordinate and manage security incidents and engage third-party incident response partners when necessaryÂ
- Candidates must be authorized to work in the United States without current or future need for visa sponsorship.
- Health Care Plan (Medical, Dental & Vision)
- Paid Time Off (Vacation, Sick Time Off & Holidays)
- Company Paid Short Term Disability and Life Insurance
- Retirement Plan (401k) with Company Match






