Security Operations Engineer

ModMed is hiring a driven Security Operations Engineer to join our growing Security Operations team. This role is ideal for an engineer with a strong foundation in infrastructure, systems, or network engineering who has developed a focus on security and wants to apply those skills directly to Security Operations.

The Security Operations Engineer will be responsible for leading enterprise vulnerability management activities, performing in-depth security event analysis, and supporting incident response investigations. The role combines technical engineering fundamentals with security expertise to identify and remediate vulnerabilities, investigate complex incidents, and continuously improve operational security processes.

This position works closely with the Senior Manager of Security Operations and cross-functional partners across IT, Engineering, and Compliance to reduce organizational risk, ensure regulatory compliance, and strengthen the company's overall security posture.

Your Role:

• Perform vulnerability scanning and assessments across enterprise systems, applications, and networks.
• Analyze and prioritize vulnerabilities based on risk and exploitability; coordinate remediation with system owners and engineering teams.
• Track remediation progress and produce vulnerability management metrics for leadership and compliance reporting.
• Investigate and analyze security events by correlating logs, network traffic, and system telemetry.
• Support incident response activities, including containment, forensic data collection, root cause analysis, and lessons learned reviews.
• Research emerging vulnerabilities, threats, and attack techniques to inform detection, response, and risk management.
• Collaborate with the Security Operations Analysts to integrate vulnerability intelligence and technical findings into threat detection and response workflows.
• Develop and maintain operational playbooks, procedures, and technical documentation to support audits, compliance, and continuous improvement.

Skills & Requirements:

• Bachelor's degree in Information Security, Cybersecurity, Information Technology, Computer Science, or equivalent experience (in lieu of degree, minimum 7 years related technical experience).
• 7+ years of experience in systems administration, network engineering, or infrastructure engineering with a security focus.
• Strong understanding of enterprise networking, operating systems, and IT infrastructure.
• Experience conducting vulnerability assessments and coordinating remediation.
• Familiarity with incident response processes (investigation, containment, recovery).
• Ability to analyze logs, network traffic, and system telemetry to identify threats.
• Experience working in regulated environments or with compliance frameworks (HIPAA, NIST, ISO).
• Strong written and verbal communication skills with the ability to present findings to both technical and executive audiences.

Preferred Qualifications

• 9+ years of combined infrastructure engineering and security experience.
• Experience in healthcare or other highly regulated industries.
• Scripting, IaC, or automation experience (e.g., Python, Bash, Terraform).
• Exposure to advanced security monitoring, detection engineering, or threat analysis. (SIEM/SOAR)
• Relevant security certifications such as Security+, CySA+, GCIH, or CISSP.
• Experience collaborating across IT, Engineering, and Compliance teams to drive remediation actions and risk reduction.

#LI-DV1