HimalayasHimalayas logo
DrFirstDR

Sr. Cybersecurity Engineer

DrFirst, Inc. is a leader in healthcare technology solutions that optimize medication management and enhance patient outcomes through innovative software and services.

DrFirst

Employee count: 201-500

Salary: 130k-150k USD

United States only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

About DrFirst

For 25 years, DrFirst has empowered providers and patients to achieve better health through intelligent medication management. We improve healthcare workflows and help patients start and stay on therapy with end-to-end solutions that enhance prescription access, affordability, and adherence. Our solutions help 100 million patients a year and are used by more than 420,000 prescribers, 71,000 pharmacies, 270 EHRs and health information systems, and over 2,000 hospitals in the U.S. This is a great opportunity to be a part of a successful Healthcare IT company experiencing significant growth. Here you'll get to work with some of the smartest and most interesting people around; solving unique and complex challenges in healthcare on a scale matched by a few companies. If you get excited about stretching yourself in new ways, developing yourself to your fullest potential, care about working with smart colleagues; we want to talk to you!

Position Overview

At DrFirst, we play in the major leagues. Our 5-person security team covers what most organizations staff with ten or more — not by working longer, but by working smarter. We are looking for engineers committed to advancing our security program for the benefit of our team, our customers, and the patients we serve.

We are looking for a different kind of security engineer — a true engineer, not an analyst. You learn continuously and deploy often. You implement as fast as you learn, outpace your peers, and use Claude the way a top-tier engineer builds software — to accelerate delivery by offloading the repetitive and mundane. You believe results speak louder than words, and you are confident enough to show incremental progress quickly and course correct rapidly. That momentum compels you to do more — and you believe, correctly, that delivering results earns respect and reward. If you have been looking for a team worthy of what you can do — keep reading.

What you will work on

This is a domain ownership role. You report directly to the VP Security and work alongside two Principal Security Engineers (PSE1: application security, DevSecOps, AWS network; PSE2: GCP network, unified logging, corporate services, customer-facing security, incident management, and audit delivery). You own your domains, contribute to shared goals, and operate as a peer.

Domain

Scope

Cadence

Corporate Security Operations

Inbox, questionnaires, VRAs, KnowBe4 training and phishing campaigns, onboarding/offboarding compliance, remote worker compliance, endpoint and allowlist controls, policy maintenance, Okta and corporate tool implementation, website and public domain compliance monitoring, data governance implementation

Steady state

Production Alert Triage

AWN, SentinelOne, Proofpoint, Splunk, AWS Security Hub, GCP Security Command Center, Tenable, Zscaler (ZIA/ZPA), endpoint software detection — triage, tuning, escalation to PSE1 (infrastructure) or PSE2 (customer incidents)

Steady state

Audit Evidence Collection

SOC 2 / HITRUST evidence for all controls mapping to your owned domains. PSE2 project manages; you own your evidence slice independently — April through June and August through September

Seasonal burst

Strategic initiatives you step into from day one

• Data governance — retention policy framework in progress; drive implementation by data stream and category, coordinate purge processes across email and corporate data stores

• De-identification service — service is built; drive production data through it to reduce PII/PHI retention exposure across relevant systems

• Corporate Claude environment — own the security architecture, guardrails, and governance for non-engineering staff using Claude for automation and data access via MCPs

How We Work

Our team's DNA is to use Claude to eliminate the manual, repetitive work that consumes capacity — so we can focus on what moves security forward.

What that looks like in practice: a member of our security team automated vulnerability triage across 100 code repositories using Claude Code — a task that previously required manually reading through each finding to determine true vulnerability from false positive. The result was approximately 50% of their capacity freed to focus on critical work. On the compliance side, we overhauled our entire SOC control set — mapping to HITRUST i1, NIST 171, and HIPAA — and increased framework inheritance from 30% to 95%. What would have taken four weeks was completed in 72 hours. This is how we work. This is what we expect from you.

You will be self-directed. With that autonomy comes the accountability to produce results early and often — closed items, not status updates. You set the goal, the strategy, and the plan, and you show momentum within days. You have a proven track record of getting other teams to prioritize your initiatives because your competency earns their respect. Security sets the strategy, Corporate Services implements, and you make that relationship work. Issues that could be closed within a few days do not get pushed two to three weeks out by default.

Think You Can Do This? Here Is What Day 30 Looks Like.

You are energized by opportunity and action. You hit the ground running. By the end of your first 30 days:

Security inbox is owned and running clean — response times consistent, VRA backlog current, customer questionnaire library updated

Alert triage cadence is established — first tuning improvements documented and implemented

At least one Claude automation is live — not planned, not in progress — shipped, with measurable time savings

At least one process improvement identified AND delivered — something nobody asked for

Coming to scrums with closed items and next actions — not updates on what you are still figuring out

Other teams already know your name because you reached out, made the case, and got something moving

You have a clear point of view on at least one strategic initiative and have shared it with the VP

Qualifications

Experience

  • 5+ years in cybersecurity engineering or a closely related role
  • Hands-on operational experience with SIEM platforms, endpoint security, and cloud security tooling
  • Demonstrated experience with AWS and GCP security monitoring — Security Hub, GCP Security Command Center, GuardDuty, or equivalent
  • Background in SOC 2, HITRUST, or NIST 800-53; HIPAA/PHI environment experience preferred
  • Experience completing customer security questionnaires and VRAs at a senior level
  • Scripting or automation experience — Python, PowerShell, or Bash — applied to real operational problems

AI-Augmented Engineering — Non-Negotiable

  • Daily, practical use of Claude or an equivalent LLM — not experimental, not occasional
  • Specific examples of AI measurably accelerating your output — with before/after context you can speak to in detail
  • Ability to construct effective prompts, validate output critically, and catch errors — including knowing when Claude is wrong
  • At least one automation built with AI tooling that eliminated repeatable manual work

Stack Experience — Preferred

  • AWN, SentinelOne, Proofpoint, KnowBe4, Jamf, KACE, Zscaler (ZIA/ZPA), Okta, Tenable, Splunk

Core Attributes

  • Owns it: Takes the domain, assesses what needs to happen, and makes it happen — without waiting to be told
  • Thinks in days: Sets aggressive timelines, consults stakeholders before committing, and closes — does not default to pushing target dates out when a few focused sessions would get it done
  • Earns influence: Gets other teams to prioritize security work through competency and credibility, not escalation
  • Systems thinker: Automates before accepting manual as the default; scripting or programming background applied to security problems
  • Communicates through output: Shows up to scrums with closed items and next actions — credibility comes from work that speaks for itself

Physical Requirements

  • 90% Desk/phone work
  • 10% Standing/moving throughout the office

Benefits

We offer highly competitive compensation — base salary plus structured bonus — that reflects the seniority, breadth, and strategic impact of this role. Strong performers are recognized and rewarded. We invest in people who deliver results and genuinely care about advancing security for DrFirst and the patients and providers we serve.

  • Competitive compensation, with a base salary of $130,000 - $150,000 (Exact compensation may vary based on skills and experience)
  • Eligible for Company Performance-based Bonus Program, based on individual and company performance
  • Medical, dental, and vision insurance
  • 401K eligible after 3 months of employment, with 50% company match up to first 5% of salary contributed to the plan with a 3-year vesting schedule
  • HSA for eligible employees enrolled in the HDHP, with a generous company contribution up to $500 for individual coverage and $1000 for family coverage per year
  • 100% company-paid short and long-term disability, AD&D, and group life insurance
  • Accrued annual paid time off (PTO) of 18 days for the first 3 years of service, increasing thereafter and 7 paid holiday days
  • Employee Assistance Program
  • Continuing Education funds up to $1500 annually for eligible programs after 1 year of service
  • Voluntary benefits including FSA, Hospital indemnity, Accident and Critical Illness insurances

DrFirst is committed to being a Remote-First company, creating a dynamic and flexible workplace where everyone can thrive, no matter where they log in from. Check out our approach to remote work https://drfirst.com/company/about-us/careers/.

Our recruitment process at DrFirst is straightforward and secure. You will only be contacted by our recruitment team through an official @drfirst.com email address. We will never ask you for payment or sensitive personal information, such as your social security number or banking details, at any stage of the hiring process. Additionally, we will not request that you purchase equipment or accept e-checks or checks for deposit. If you encounter any communications claiming to be from DrFirst that seem suspicious, please contact our recruitment team directly at recruiter@drfirst.com to verify the message's authenticity. Your security is important to us!

Learn more about our benefits and professional development opportunities https://drfirst.com/company/about-us/careers/the-perks/.

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Senior

Salary

Salary: 130k-150k USD

Experience

5 years minimum

Location requirements

United States

Hiring timezones

United States +/- 0 hours

Job categories

Cybersecurity EngineeringSecurity OperationsCloud SecurityDevSecOpsCorporate Security

Skills

ClaudeClaude CodeAWS SecurityGCP SecuritySentinelOneProofPointSplunkZscalerOktaTenableKnowBe4PythonPowerShellBASHHIPAACheckDynamicEnhanceEvidenceGuardRailsJamfKeepMakeMatterTask Remote

Browse similar jobs

Remote Senior Cybersecurity-Engineering JobsRemote Full Time Cybersecurity-Engineering JobsRemote Senior Cybersecurity-Engineering Jobs in United StatesRemote Full Time Jobs in United StatesRemote Cybersecurity-Engineering Jobs in United States

About DrFirst

Learn more about DrFirst and their company culture.

View company profile

Since its founding in 2000, DrFirst has been at the forefront of healthcare technology, offering innovative solutions that connect every aspect of the healthcare universe. At DrFirst, we aim to enhance the healthcare experience for patients and healthcare professionals alike. Our technologies help streamline medication management by improving the workflows surrounding prescribing, patient engagement, and medication adherence. Powered by the nation’s largest medication management network, we provide services that ensure patients have real-time access to their medication information and can better manage their treatment plans.

Recognizing that the complexity of medication management leaves healthcare organizations vulnerable to inefficiencies, DrFirst has developed a range of tools that eliminate silos of information and facilitate better communication among all parties involved in patient care, including hospitals, pharmacies, EHRs, and payers. Our commitment to innovation and excellence has been recognized through numerous awards and accolades over the past 25 years. DrFirst continues to innovate, adapting to the ever-changing healthcare landscape while focusing on patient outcomes. We proudly serve over 420,000 prescribers and 71,000 pharmacies across the U.S. and Canada, further solidifying our role as a guardian of the Healthiverse®, dedicated to improving health through intelligent medication management.

Claim this profileDrFirst logoDR

DrFirst

Company size

201-500 employees

Founded in

2000

Chief executive officer

G. Cameron Deemer

Markets

Healthcare TechnologyMedication ManagementPatient EngagementElectronic Health Records (EHR)Pharmacy SolutionsHealthcare CommunicationPrescription ManagementHealth ITDigital HealthHealthcare Software

Employees live in

United States
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

3 remote jobs at DrFirst

Explore the variety of open remote roles at DrFirst, offering flexible work options across multiple disciplines and skill levels.

View all jobs at DrFirst
Top remote companies

Remote companies like DrFirst

Find your next opportunity by exploring profiles of companies that are similar to DrFirst. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan