Senior Information Security Engineer at iRhythm

iRhythm logo


(40 open jobs)

iRhythm Technologies is redefining the standard for ambulatory cardiac monitoring.

Job title
Senior Information Security Engineer
Job listing last updated at
Feb 11, 2021
Job listing location
San Francisco, Lincolnshire or Houston
Job listing source
Job listing link
External link
Bay Area company location: 650 Townsend St # 500, San Francisco CA

Job description

About iRhythm:

iRhythm is a leading digital healthcare company focused on the way cardiac arrhythmias are clinically diagnosed by combining our wearable bio sensing technology with powerful cloud-based data analytics and Artificial Intelligence capabilities. Our goal is to be the leading provider of ambulatory ECG monitoring for patients at risk for arrhythmias. iRhythm’s continuous ambulatory monitoring has already put over 2 million patients and their doctors on a shorter path to what they both need – answers.

About this role:

iRhythm is seeking a Senior Information Security Engineer to support the development, implementation, and ongoing testing of our information services security architecture. Under the direction of the Senior Director, Cyber Security this position will play a key role in continuing to develop our security operations as well as supporting ongoing security governance initiatives.  This is a new role helping to build out our maturing information security function. 

The Senior Information Security Engineert will operate at multiple levels within the organization leading and participating in security operations, projects, risk assessments, incident response, and policy creation and maintenance.  In addition, the Sr. Information Security Analyst will work across the organization acting as a trusted advisor on security related topics identifying and recommending solutions on security related items.  We operate in a highly regulated environment (SOX, SOC 2, HIPAA, GDPR, CCPA, ISO, FDA.  The Joint Commission) and the Senior Security Analyst must have a working knowledge in these regulations.

  • Actively identify, investigate, and respond to security threats and incidents related to systems and workflow to ensure internal security controls are appropriate and operating as intended within the organization
  • Evaluate existing methods and recommend scalable solutions for Security and Incident Response
  • Conduct Proof of Concepts for solutions and technologies required for Security Operations
  • Support sales and customer facing interactions as required
  • Support security evaluations of external vendors as required
  • Collaborate with various teams for security operations and incident response, as required
  • Evangelize security / compliance initiatives and engage with operations and development teams to ensure adherence to security policy guidelines and compliance standards 
  • Play an active role in the coordination and associated remediation activities for our annual SOC 2, HIPAA, NIST, GDPR, CCPA, penetration, and cybersecurity assessments
  • Support the development and ongoing delivery of security awareness training
  • Coordinate execution of annual incident response and disaster recovery table-top walkthroughs and update processes and associated documentation
  • The successful candidate will work cross organizationally through influence and help shape operating processes with value-add recommendations and regulatory guidance

About you:

  • Minimum 10 years of information security experience preferably in a healthcare related industry and public company environment; with at least five (5) years of experience with security operations and threat hunting preferred.
  • Experience managing and responding to security threats.
  • Experience utilizing Security Information and Event Management tools to monitor data flow between networks.
  • Experience with operation of Identity Access Management (IAM), monitoring, and Data Loss Prevention (DLP) solutions such as Okta, Splunk, Mimecast, and Fair Warning.
  • Working knowledge of HIPAA/HITECH, GDPR, ISO, NIST CSF, SOC 2, SOX and other compliance regulations.
  • Ability to think strategically about security risks and tie those to organizational priorities.
  • Capable of building a network of relationships across organizational functions and to liaise with senior management.
  • Excellent written and verbal communication skills; experience developing and delivering presentations and reports.
  • Relevant and current industry certification(s): CISSP, CISM, CISA.
  • Bachelor’s degree in Computer Science, Information Security, or related field required.

What’s in it for you:

This is a full-time position with competitive compensation package, excellent benefits including medical, dental and vision insurance (all of which start on your first day), paid holidays, and PTO!

iRhythm also provides additional benefits including 401K (with company match), an Employee Stock Purchase Plan, paid parental leave, pet insurance discount, Cultural Committee/Charity events, and so much more!

FLSA Status: Exempt

As a part of our core values, we ensure a diverse and inclusive workforce. We welcome and celebrate people of all backgrounds, experiences, skills and perspectives. iRhythm Technologies, Inc. is an Equal Opportunity Employer (M/F/V/D). Pursuant to San Francisco Fair Chance Ordinance, we will consider for employment all qualified applicants with arrest and conviction records.

Make iRhythm your path forward.

Fresh insights and job listings to help in your search for a job in tech.

Get started today