Senior Security Engineer

About the role

About Medical Guardian: Medical Guardian is a fast-growing digital health and safety company on a mission to help people live a life without limits. With 13 consecutive years on the Inc. 5000 list of Fastest Growing Companies, we're redefining what it means to age confidently and independently. We support over 625,000 members nationwide with life-saving emergency response systems and remote patient monitoring solutions. Trusted by families, healthcare providers, and care managers, our work is powered by a culture of innovation, compassion, and purpose. Position Summary: We are seeking a highly skilled and strategic Senior Security Engineer to strengthen and mature our enterprise security capabilities as part of the broader IT Operations organization. This role is responsible for securing cloud infrastructure, AI platforms, applications, endpoints, identity systems, and core operational environments. The Senior Security Engineer will work closely with Infrastructure, Engineering, Compliance, QA, IT Operations, and external security service providers to proactively reduce risk while enabling business growth. This position reports directly to the Head of Infrastructure and Information Security, with a dotted-line reporting relationship to the CISO for strategic alignment, governance oversight, and security program direction. This role serves as the primary technical lead for security incident response, responsible for coordinating internal response teams, activating third-party incident response partners when required, and leading containment and recovery efforts during active security events. The position requires the ability to respond to and manage security incidents outside of standard business hours when necessary. This is a hands-on senior engineering role with architectural ownership, external partner oversight, and mentorship responsibilities. Key Responsibilities: Security Architecture and Engineering Design and implement secure architecture patterns across Azure and AWS cloud environments, as well as on-prem and hybrid infrastructures Lead security design reviews for infrastructure and application initiatives Engineer and optimize enterprise security controls across endpoint protection, threat detection and response, network security, email security, data protection, cloud access governance, and privileged access management Define and implement Zero Trust principles Cloud Security, Azure Focused Harden Azure security posture including Entra ID governance, RBAC design, Conditional Access, PIM, Defender for Cloud, Defender for Cloud Apps, and Private Link architecture Implement and manage cloud posture management and cloud workload protection capabilities, including CSPM and CNAPP tooling Secure Kubernetes and containerized workloads Automate security guardrails using infrastructure as code such as Terraform, Bicep, and CloudFormation Implement enterprise data classification, DLP, encryption, and tenant-level controls across Microsoft 365 and Azure to prevent data exfiltration and unauthorized AI service access AI and Emerging Technology Security Design, implement, and enforce security controls for enterprise AI platforms including Azure OpenAI, Microsoft Copilot, Azure Machine Learning, and related AI services Secure AI model training data, inference endpoints, APIs, and service principals while enforcing governance controls to prevent exposure of sensitive or regulated data Develop guardrails to detect and prevent shadow AI adoption Evaluate third-party AI tools for security, privacy, and data residency risks Partner with Legal and Compliance teams to support responsible AI governance and regulatory requirements Application Security Partner with DevOps and Engineering teams to integrate automated application security testing, including static analysis, dynamic testing, and secret detection, into CI and CD pipelines prior to deployment Perform threat modeling and architecture risk assessments Threat Detection and Incident Response Serve as incident response lead for security events, coordinating internal response teams and activating third-party incident response partners as needed Lead containment, eradication, and recovery efforts during security incidents Enhance detection engineering use cases within SIEM and develop automated response playbooks Lead post-incident reviews and root cause analysis Lead and facilitate regular incident response tabletop exercises and coordinated response simulations to validate detection, escalation, and cross-functional readiness Vulnerability Management Oversee enterprise vulnerability management including scanning, risk-based prioritization, and remediation tracking Develop metrics and reporting for executive visibility Compliance and Risk Support regulatory requirements including HIPAA, HITRUST, SOC 2, and PCI-DSS as applicable Assist with audits and evidence collection Develop and maintain security policies and standards Perform third-party risk assessments Secur

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Medical Guardian? Share your experience