Security Engineer
Birdi
Why Join Birdi? At Birdi, we are transforming the pharmacy experience through innovation, collaboration, and a relentless focus on patient care. We offer team members the opportunity to make a meaningful impact while working alongside talented professionals in a collaborative and entrepreneurial environment where ideas are valued and continuous improvement is encouraged.
Position Summary The Security Engineer is responsible for designing, implementing, and managing the organization's cybersecurity program, with a primary focus on software supply chain security, Identity and Access Management (IAM), permissions governance, cloud security, and compliance readiness within a healthcare environment. This role serves as a key cybersecurity leader responsible for protecting systems, applications, infrastructure, and sensitive data while supporting compliance with SOC 2 Type II, HIPAA, and industry security standards. Working closely with IT, Development, DevOps, Operations, and business stakeholders, the Security Engineer develops and maintains security controls, monitoring capabilities, policies, procedures, and awareness programs that support enterprise-wide risk management and security maturity. This role is ideal for a self-directed security professional who enjoys building programs from the ground up, improving organizational security posture, and partnering across teams to create a culture of security and compliance.
Why You'll Love Working Here
Cybersecurity Program Management & Compliance
Cybersecurity & Compliance Expertise
Pre-Employment Requirements As a condition of employment, BirdiRx requires the successful completion of a pre-employment criminal background check and drug screening. A criminal conviction does not automatically disqualify an applicant. Each case will be reviewed individually, considering the nature of the offense, its relevance to the position, and the time elapsed since the conviction. Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Position Summary The Security Engineer is responsible for designing, implementing, and managing the organization's cybersecurity program, with a primary focus on software supply chain security, Identity and Access Management (IAM), permissions governance, cloud security, and compliance readiness within a healthcare environment. This role serves as a key cybersecurity leader responsible for protecting systems, applications, infrastructure, and sensitive data while supporting compliance with SOC 2 Type II, HIPAA, and industry security standards. Working closely with IT, Development, DevOps, Operations, and business stakeholders, the Security Engineer develops and maintains security controls, monitoring capabilities, policies, procedures, and awareness programs that support enterprise-wide risk management and security maturity. This role is ideal for a self-directed security professional who enjoys building programs from the ground up, improving organizational security posture, and partnering across teams to create a culture of security and compliance.
Why You'll Love Working Here
- Opportunity to build and shape the organization's cybersecurity program and security roadmap.
- Exposure to cloud security, DevSecOps, compliance, risk management, and healthcare cybersecurity initiatives.
- Ability to make a meaningful impact by protecting critical systems, applications, and sensitive healthcare data.
- Collaborative environment that values innovation, continuous improvement, and operational excellence.
- Partnership opportunities with Development, DevOps, Operations, and leadership teams to drive security initiatives.
- Remote flexibility within a growing healthcare organization.
- Professional development opportunities and support for ongoing certification and career growth.
Cybersecurity Program Management & Compliance
- Research, develop, implement, and maintain comprehensive cybersecurity policies, standards, procedures, and controls.
- Lead cybersecurity efforts supporting SOC 2 Type II compliance and ongoing certification activities.
- Coordinate security control documentation, evidence collection, audit preparation, and remediation activities.
- Support HIPAA Security Rule compliance by implementing administrative, technical, and physical safeguards.
- Conduct regular reviews of security controls and identify opportunities for continuous improvement.
- Partner with internal stakeholders and external auditors to ensure compliance requirements are met.
- Conduct security risk assessments, vulnerability reviews, and threat analyses to identify potential risks and vulnerabilities.
- Develop and implement mitigation strategies aligned with regulatory requirements and industry best practices.
- Monitor security alerts, events, and threats across enterprise environments.
- Design and maintain security monitoring, threat detection, and alerting capabilities.
- Lead incident response activities, including investigation, containment, remediation, recovery, and post-incident review.
- Maintain breach response and notification processes in accordance with HIPAA and organizational requirements.
- Participate in an on-call rotation supporting critical security incidents and operational security events.
- Design, implement, and manage enterprise Identity and Access Management strategies.
- Develop and maintain role-based access control (RBAC) models and least-privilege access frameworks.
- Manage and support multi-factor authentication (MFA), single sign-on (SSO), privileged access management, and identity governance initiatives.
- Conduct periodic access reviews and user entitlement audits to ensure appropriate authorization levels.
- Develop permissions governance standards that support regulatory compliance and data protection requirements.
- Monitor and improve identity security controls across business and technology platforms.
- Establish and maintain software supply chain security programs and controls.
- Implement Software Bill of Materials (SBOM) management practices and dependency monitoring processes.
- Manage application dependency scanning, vulnerability assessments, and remediation activities.
- Collaborate with Development and DevOps teams to integrate security throughout the Software Development Life Cycle (SDLC).
- Support secure coding standards, application security testing, code review processes, and CI/CD security controls.
- Evaluate and implement tools that improve application security, container security, and software integrity.
- Design and implement security controls supporting cloud-based environments, particularly AWS.
- Assess cloud infrastructure configurations and implement security best practices.
- Support endpoint protection technologies, network security controls, firewall management, and threat prevention solutions.
- Monitor cloud and infrastructure environments for security risks and compliance concerns.
- Partner with technical teams to strengthen overall infrastructure security and resilience.
- Develop, implement, and maintain a company-wide Security Awareness Training Program.
- Deliver cybersecurity education focused on phishing awareness, social engineering defense, HIPAA requirements, and secure handling of sensitive information.
- Track employee training completion and maintain records for compliance and audit purposes.
- Conduct ongoing awareness campaigns and educational initiatives to strengthen organizational security culture.
- Ensure training content remains current with evolving cybersecurity threats and industry trends.
- Evaluate third-party vendors, business associates, and service providers for cybersecurity and compliance risks.
- Conduct security reviews and assessments of vendors handling sensitive information.
- Ensure vendor security practices align with HIPAA requirements and organizational standards.
- Support risk remediation efforts and ongoing vendor monitoring activities.
- Assist with contract reviews and security-related due diligence activities.
Cybersecurity & Compliance Expertise
- Proven experience in Information Security, Cybersecurity Engineering, or related disciplines.
- Strong knowledge of SOC 2, HIPAA Security Rule, NIST Cybersecurity Framework, CIS Controls, and related compliance standards.
- Experience implementing and managing cybersecurity programs and governance frameworks.
- Demonstrated experience preparing organizations for compliance reviews, audits, and assessments.
- Deep expertise in Identity and Access Management technologies and practices.
- Experience implementing role-based access controls (RBAC), MFA, SSO, and privileged access management solutions.
- Strong understanding of authorization, authentication, access governance, and permissions management.
- Experience conducting access reviews and access control audits.
- Experience with software supply chain security concepts and technologies.
- Knowledge of SBOM management, dependency scanning tools, vulnerability management platforms, and secure software development practices.
- Experience supporting cloud security initiatives, particularly within AWS environments.
- Familiarity with endpoint protection platforms, firewalls, and security monitoring tools.
- Strong understanding of secure SDLC and DevSecOps practices.
- Excellent verbal, written, and presentation communication skills.
- Ability to translate complex technical security concepts into understandable business language.
- Strong relationship-building skills with the ability to collaborate effectively across technical and business teams.
- Ability to influence security best practices without direct authority.
- Strong analytical, investigative, and troubleshooting abilities.
- Ability to independently identify risks and implement effective solutions.
- Excellent attention to detail and organizational skills.
- Demonstrated ability to manage multiple priorities and deadlines.
- Self-directed with the ability to work independently and take ownership of initiatives.
- Identity and Access Management (IAM) platforms
- Multi-Factor Authentication (MFA) and Single Sign-On (SSO) solutions
- Security monitoring and threat detection platforms
- Endpoint Detection and Response (EDR) technologies
- Vulnerability assessment and dependency scanning tools
- AWS cloud services and security controls
- Security awareness training and phishing simulation platforms
- Microsoft Office Suite, including Word, Excel, Outlook, and PowerPoint
- DevSecOps, CI/CD, and application security technologies
- Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field; equivalent combinations of education and experience may be considered.
- Minimum three (3) to five (5) years of experience in cybersecurity, information security, or security engineering roles.
- Demonstrated experience implementing security compliance programs including SOC 2, HIPAA, ISO 27001, or comparable frameworks.
- Experience conducting risk assessments and developing cybersecurity policies and procedures.
- Experience supporting security operations, incident response, and security governance initiatives.
- Experience working within healthcare environments and supporting HIPAA compliance requirements.
- Professional cybersecurity certifications such as:
- CISSP
- CISM
- Security+
- CCSP
- AWS Security Specialty
- HCISPP
- Experience designing and implementing Zero Trust security architectures.
- Familiarity with healthcare data standards, including HL7 and FHIR.
- Experience working with Electronic Health Record (EHR) systems and healthcare technology platforms.
- Knowledge of policy-as-code solutions such as Open Policy Agent (OPA) and Checkov.
- Experience with infrastructure-as-code security scanning and cloud governance tools.
- Scripting and automation experience using Python, PowerShell, Bash, or similar technologies.
- Experience with container security, Kubernetes security, and DevSecOps methodologies.
- Experience managing Security Awareness Training platforms such as KnowBe4, Proofpoint, or similar solutions.
- Familiarity with phishing simulation programs and security culture initiatives.
- Full-time remote work environment.
- Minimal exposure to excessive noise or adverse working conditions.
- Ability to sit for extended periods of time while working with computers and other office equipment.
- Ability to participate in on-call responsibilities and respond to security incidents as required.
- Ability to work flexible schedules when necessary to support security operations, incident response activities, audits, and project deadlines.
- Competitive medical, dental, and vision coverage
- Paid time off and company holidays
- Retirement savings opportunities
- Employee wellness and support programs
- Professional development and career growth opportunities
- Employee-focused culture committed to work-life balance and success
Pre-Employment Requirements As a condition of employment, BirdiRx requires the successful completion of a pre-employment criminal background check and drug screening. A criminal conviction does not automatically disqualify an applicant. Each case will be reviewed individually, considering the nature of the offense, its relevance to the position, and the time elapsed since the conviction. Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the Security Engineer in Plymouth, MI vacancy
- ...Position Summary The Security Engineer is responsible for designing, implementing, and operating the organization’s cybersecurity program from the ground up, with a primary focus on software supply chain security, identity and access management (IAM), permissions architecture...SuggestedFull timeRemote work
- A Healthcare Technology Company is looking for a Security Engineer to lead their cybersecurity program. This role focuses on software supply chain security, IAM, and ensuring compliance with SOC 2 Type II and HIPAA regulations. Key responsibilities include designing security...SuggestedFull timeRemote work
- ...Security Engineer The Security Engineer is responsible for implementing proactive and responsive improvements in information security. The Security Engineer should understand common security controls and requirements as well as be able to "think like a hacker" and then...Suggested
- ...Job Summary Roush is looking to add a Cyber Security Architect II to join their team. The position is a hybrid role located in Livonia... ...be Considered Bachelor’s degree in computer science, computer engineering, or related experience. Minimum of 5 years of hands‑on...SuggestedPermanent employment
- ...and systems for client projects, troubleshooting issues, and implementing security measures. Applicants must possess a Bachelor’s Degree in Computer Information Systems, Computer Science, Engineering, or IT related fields, along with at least two years of relevant...Suggested
- Description First Merchants Bank is seeking a Security Automation Engineer to join our team! This position will be responsible for designing, engineering, and governing automated vulnerability remediation execution across the enterprise. This role owns the end-to-end...Flexible hours
$70k - $80k
10730 - Network Security Engineer I Location: Plymouth, MI (5 days on-site) Company Overview Hyundai AutoEver America (HAEA), the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we...Full timeRemote work- ROUSH is seeking a Cyber Security Architect II to join their team in a hybrid role based in Livonia, MI. The candidate will lead security and compliance implementations, manage IAM strategies, and ensure the security of cloud platforms. Requirements include a Bachelor'...
- Galaxy Software Solutions, Inc. is seeking a Senior Network and Systems Administrator to provide technical assistance on projects, guide teams, and liaise with clients to resolve issues. This role requires a master’s degree in a relevant field and twelve months of applicable...
- ...The onsite Manufacturing IT Cyber Security Specialist will join a growing team of Engineering and Health & Safety professionals helping our customers reduce their work-related risk to quality, productivity and employee health. This key role will have the opportunity...Full timeTemporary workWork at officeFlexible hoursShift work
- ...PURPOSE Specializes in threat detection and mitigation, ensuring the security and integrity of our data network. This role involves... ...Detroit, MI $92,213.33-$125,146.66 4 weeks ago Data and Security Engineer (on W2) || Hybrid in Detroit, Michigan (Need locals) Information...Full timeWork at officeLocal area
$70k - $90k
...this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Cyber Security Analyst Regular Full-Time Full-time MI, Wixom, MI, US 11 days ago Requisition ID: 243177 Salary Range: $70,000.00 To $90,000.00...Full timeContract workTemporary workWork at officeLocal area- ...Corporate office in Livonia, Michigan is currently seeking a Network Engineer to join our Information Technology team. The Network Engineer... ...organization's network infrastructure to ensure reliable and secure connectivity. This role requires a deep understanding of...Work at officeLocal area
- Lineage Logistics is seeking a self-driven Workday Security Analyst who will support and enhance the security framework of the Workday platform. The position involves leading the security design, configuration, and governance while ensuring compliance with regulatory requirements...Remote job
- ...We seek an AI Prompt Engineer with strong analytical skills, excellent reading comprehension, and exceptional attention to detail. You will design, test, and refine prompts for large language models, audit AI-generated outputs for accuracy, and work closely with client...Full timeInternship
$80.8k - $111.1k
...Manufacturing Engineer Key Responsibilities System expert for Powdered Metal Pressing and Sizing Operations. Deep understanding of each press’ setup, operation, and maintenance. Monitor operational condition of all presses. Assist in troubleshooting press operation and...Work experience placementWork at officeAll shiftsWeekend work- T-Mobile is seeking a Senior Engineer, Radio Frequency in Livonia, MI, responsible for the design and optimization of advanced 3G, 4G, and 5G networks. This role includes performing multi-band LTE optimization and troubleshooting RF issues. With a Master's degree in Computer...
$47 per hour
...Description Job Summary: The CAE Analyst II (Multi-Body Dynamics - MBD) performs multi-body dynamic simulations to solve real world engineering problems in the automotive, aerospace, entertainment, and industrial segments. The CAE Analyst II (MBD) builds engineering-...Permanent employmentContract workTemporary workLocal areaImmediate startWorldwide- ...Overview Summary: We are seeking a skilled and motivated CAE Engineer with strong product design capabilities to perform structural analysis and contribute directly to the design of automotive aluminum castings. The ideal candidate will possess extensive hands-on experience...
- ...TRACKSIDE ENGINEER (INDYCAR) The IndyCar Trackside Support Engineer is a high-performance engineering role responsible for the full lifecycle of Ilmor powertrains, including build, calibration, testing, and real-time race support. This position serves as a critical connector...Work at office
- ...A staffing agency is seeking a UCCE Voice Engineer for a mid-sized client in Livonia, MI. The ideal candidate will have strong experience with Cisco Contact Centers, focusing on administration and support tasks. Key responsibilities include managing CUCM configurations...
- ...Position Overview Insight Global is looking for a Middleware Engineer to remotely join one of their Life Insurance clients' based in... ...be responsible for design, customization, and implementation of secure, scalable J2EE applications across Linux and Windows. Also,...Contract workRemote work
- ...We are looking for a new colleague in the Materials Engineering Department at our location in Northville, Michigan starting mid-July 2026. What you can look forward to as Materials Engineering Intern: Exposure to diverse material technology types including polymers, metals...Full timeInternship
- .../report profitability of products sold throughout the pre‑production process, including prototype orders, production changes and engineering changes. Participate in monthly sales meetings with AISIN North American Plants (NAPs) and closely communicate to identify and meet...Temporary workWork at office
- ...Software (Word, Excel, PowerPoint). Network (Router, Server, Security, Cloud etc.) or Programming (C, Java, R, Python etc.). Preferred... ...system / network infrastructure working with internal engineering team and external business partners. Keep implementation schedule...Contract workWork experience placementWork at office
$160k - $190k
...software products in the automotive market, such as Classic AUTOSAR, Adaptive AUTOSAR, embedded and cyber security, Connected Car, HMI, testing/tooling and related engineering services. Understand software development processes in the automotive industry. Have a proven record...Local area- 70k-80k Position Sales Engineer Summary The Sales Engineer will play a key role in driving the sales of IT solutions within the organization... ...partner like an application vendor, network/server vendor, security vendor to solve customer’s needs/issues. Prepare solutions and...Contract workWork experience placementWork at officeWeekend work
- ...Northville, United StatesZF Active Safety US Inc. Job Description About the team: We are looking for a new colleague in the Materials Engineering Department at our location in Northville, Michigan starting mid-July 2026. What you can look forward to as Materials Engineering...Full timeInternship
$70k - $100k
Rhino Assembly Corporation, located in Livonia, MI, is seeking a Systems Engineer. The successful candidate will design, implement, and maintain IT systems, focusing on cybersecurity and system integration. Strong troubleshooting skills and knowledge of Azure platforms...$70k - $100k
Rhino Tool House is seeking a Systems Engineer to design, implement, and maintain IT systems within the Detroit Metro Area. Responsibilities include overseeing the deployment of software and networks, ensuring cybersecurity, and troubleshooting complex IT issues to minimize...Full time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Engineer. Be the first to apply!
Related searches

