Senior Security Engineer

Job Summary

We're opening eyes, hearts and minds to the impact that a pharmacy team can have in changing lives.

Join our group of talented, committed team members-pharmacists, pharmacy care coordinators, technologists, product strategists and more-to create and expand the delivery of personalized health support that people didn't even know could be possible.

The Senior Security Engineer for Stellus Rx will be a key member of our Technology Team, working closely with Stellus Rx leaders and across the organization to unlock the health of millions of Americans. We are a culture that is unabashedly driven by purpose — making a difference to patients and team members while growing at an accelerated rate.

This role is for a security professional who actively uses AI to outpace threats — automating detection, accelerating incident response, and embedding intelligent security controls throughout the development lifecycle rather than relying on manual, reactive approaches.

Role Accountabilities and Responsibilities:

AI-Augmented Threat Detection & Incident Response

• Leverage AI-powered security tooling to continuously monitor for threats, anomalies, and policy violations across cloud and application environments — replacing manual log review with intelligent, automated detection.
• Respond to and, where appropriate, resolve or escalate security incidents; use AI-assisted analysis to accelerate root cause investigation and postmortem documentation.
• Investigate and resolve security violations by providing postmortem analysis that illuminates causes, solutions, and AI-informed preventative measures.
• Use AI tools to model attack scenarios, identify exposure patterns, and prioritize remediation efforts based on risk — rather than relying solely on manual vulnerability triage.

AI-Driven Security Automation & "Security as Code"

• Assess, design, implement, automate, and document security solutions for public and private cloud environments, SaaS applications, and AWS-based platforms — with a bias toward AI-assisted automation over manual configuration.
• Implement "security as code" using cloud services and CI/CD components; use AI code generation tools to accelerate the development of custom security scripts and controls.
• Develop baseline cloud, container, and application security standards and integrate them into CI/CD pipelines — leveraging AI to identify gaps and validate coverage continuously.
• Customize cloud compliance tools to meet operational, audit, and risk-based needs; use AI-enhanced compliance monitoring to surface drift and exceptions in real time.

Cloud & Application Security

• Work with diverse technical and business stakeholders on security best practices in Infrastructure as Code, cloud design patterns, and CI/CD with built-in application security controls.
• Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements across AWS and multi-cloud environments.
• Apply knowledge of network-based, system-level, and application-layer attacks and mitigation methods to design resilient, layered security architectures.
• Maintain strong knowledge of IDS/IPS, IAM, Certificate Management, identity federation, authentication, and authorization standards (SAML, OIDC, OAuth).

Documentation & Compliance

• Develop and maintain documentation for security systems, procedures, and controls — using AI-assisted drafting to improve quality and reduce documentation burden.
• Drive compliance through strict adherence to published information security policies and procedures; drive efficiencies via tooling and automation to continuously improve security posture.

Qualifications and Requirements:

• 4+ years of experience as a Security Engineer or equivalent.
• Significant technical experience in cloud computing technologies and security automation (primarily AWS).
• Required: Demonstrated, hands-on experience using AI tools to automate security tasks, accelerate threat detection, or improve incident response — with specific examples you can speak to.
• Ability to break down complex problems and implement custom solutions or scripts that go beyond basics to demonstrate thorough, automated problem-solving.
• Experience in DevOps environments, working with and influencing developers to maintain security through CI/CD processes.
• Experience with container technologies including Docker and Kubernetes.
• Experience with development, deployment, and automation of security solutions in enterprise cloud environments.
• Strong knowledge of network and application security, infrastructure hardening, security baselines, web servers, and database security.
• Understanding of identity federation, authentication, and authorization (SAML, OIDC, OAuth).
• Bilingual — Spanish and English.
• Bachelor's degree or equivalent working experience.

Preferred Experience:

• Experience with AI-powered security platforms (e.g., AI-driven SIEM, XDR, or threat intelligence tools).
• Exposure to or experience with cybersecurity tools such as Web Application Firewalls, Email Protection, EDR, and XDR.
• Participation in vulnerability management programs.
• Relevant certifications: CompTIA Security+ (SY0-601), CEH (EC-Council), CISSP (ISC²), CISM or CISA (ISACA).
• MBA or advanced degree.