Sr. Security Analyst - Enterprise Security
Blink Health is a healthcare technology company that builds products to make prescriptions accessible and affordable to everybody. Our two primary products – BlinkRx and Quick Save – remove traditional roadblocks within the current prescription supply chain, resulting in better access to critical medications and improved health outcomes for patients.
BlinkRx is the world’s first pharma-to-patient cloud that offers a digital concierge service for patients who are prescribed branded medications. Patients benefit from transparent low prices, free home delivery, and world-class support on this first-of-its-kind centralized platform. With BlinkRx, never again will a patient show up at the pharmacy only to discover that they can’t afford their medication, their doctor needs to fill out a form for them, or the pharmacy doesn’t have the medication in stock.
We are a highly collaborative team of builders and operators who invent new ways of working in an industry that historically has resisted innovation. Join us!
- Design and implement Threat and Vulnerability Management program for Devices, Network, and Enterprise Applications.
- Perform periodic vulnerability scans of laptops, desktops, and servers. Triage findings. Work with stakeholders to fix the vulnerabilities.
- Perform periodic vulnerability scans of Firewalls, VPN, Network Switches, Wireless Access Points, Cameras. Triage findings. Work with stakeholders to fix vulnerabilities.
- Establish a process to obtain threat intelligence from vendors and authorities. Work with stakeholders to fix the vulnerabilities.
- Ensure all security event logs are sent to SIEM software.
- Monitor and respond to alerts from SIEM software.
- Monitor and respond to alerts from Endpoint protection software. Isolate/quarantine devices and clean malware when necessary
- Implement and monitor DLP and respond to DLP alerts.
- Maintain and administer security watch list.
- Perform Network Traffic Analysis and monitor for malicious activity.
- Setup and maintain email security controls. Monitor and respond to email security incidents and phishing reports.
- Establish process for 3rd party application management. Maintain allow list and deny list.
- Monitor the presence of unauthorized remote access tools and have them removed.
- Audit and ensure key enterprise applications (Okta, G Suite, Slack, and Zoom etc.) have secure configurations.
- Perform device forensic when necessary.
- Conduct Internal pen tests. Triage findings. Work with stakeholders to fix the vulnerabilities.
- Perform PCI compliance ASV scans and mitigate any issues.
- Ensure controls are implemented and monitored for HITRUST, HIPAA, and PCI
- Security Incident Management of Devices, Networks, and Enterprise Applications
- Prepare standards for OS images for laptops, desktops, servers. Ensure IT maintains and deploys the standard images.
- Identify obsolete OS and Applications. Work with stakeholders to upgrade them.
- Develop and maintain content for Enterprise Security for Infosec CoE (Center of Excellence)
- Maintain industry standard vulnerability Aging metrics.
- Assists in responding to audits, penetration tests and vulnerability assessments.
- Bachelor’s degree in computer science, cybersecurity or a related field
- 5+ years of experience in Information Security
- Certifications (CISSP) or equivalent is a plus.
- Experience in securing Okta, G Suite, Slack
- Experience in IAM, DLP
- Experience in XDR, SIEM, SOC
- Experience in securing Networks, VPN, Firewall
- Familiarity with Compliance Frameworks & Controls (HIPAA, PCI)
- Familiarity with AWS Security and Application Security (SAST/SCA/DAST) is a plus.
Why Join Us:
It is rare to have a company that both deeply impacts its customers and is able to provide its services across a massive population. At Blink, we have a huge impact on people when they are most vulnerable: at the intersection of their healthcare and finances. We are also the fastest growing healthcare company in the country and are driving that impact across millions of new patients every year. Our business model not only helps people, but drives economics that allow us to build a generational company. We are a relentlessly learning, constantly curious, and aggressively collaborative cross-functional team dedicated to inventing new ways to improve the lives of our customers.
We are an equal opportunity employer and value diversity of all kinds. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.