Hybrid Senior Information Security Lead presso PharmScript, LLC

Overview:

PharmScript is one of the nation’s leading pharmacies, partnering with long-term and post-acute care facilities to supply medications to thousands of residents and patients. When you join the PharmScript family, you join the ranks of more than 2,000 dedicated people across the country who help to get safe, accurate, and timely medication to those who need it most.

Job Summary:

As we align with the Optum Enterprise Security & Resiliency Office (ESRO), we are expanding our security engineering capabilities to support both PharmScript-specific needs and the broader enterprise security initiatives. This Senior Information Security Engineer will report directly to the CISO of PharmScript and act as a key security leader supporting the ongoing integration of PharmScript's security operations into Optum's enterprise-aligned model. This critical role will serve as the CISO','s technical deputy - responsible for the design, implementation, and oversight of core security functions including cloud security, incident response, vulnerability management, and identity & access management in a highly regulated healthcare-pharmacy environment (HIPAA, NIST, MARS-E). You will work closely with security, IT, and business leaders across PharmScript, Genoa, and Optum to advance our security maturity while helping embed scalable enterprise security practices that align with ESRO's mission to protect the organization, its data, and its people.

Responsibilities:

Reasonable accommodations may be considered to enable individuals with disabilities to perform the essential functions.

Security Engineering & Architecture

• Own the technical roadmap for Microsoft Azure and Microsoft 365 security controls (Defender, Sentinel, Purview), SaaS SSO integrations (Entra ID, Cisco DUO MFA), and segmentation of our OneHealthCareID (OHID) customer portal.
• Evaluate and implement tooling for vulnerability scanning, container/cloud posture management, and secrets management.
• Partner with Development (CI/CD in Azure DevOps) to embed security into pipelines (SAST, DAST, IaC). Champion infrastructure as code and automation using Python and PowerShell.

Threat Management & SOC Enablement

• Serve as tactical leader for the Security Operations Center, ensuring high‑fidelity alert triage, threat hunting, and purple‑team exercises.
• Build and refine detection engineering for cloud and on‑prem environments, with an emphasis on Microsoft 365 threat vectors (Business Email Compromise, identity takeover).
• Coordinate tabletop exercises with the Pharmscript leadership, Business Operations and the IT organization.

Vulnerability Management

• Direct the corporate vulnerability management program end‑to‑end: discovery, prioritization, remediation, and executive reporting.
• Drive timely remediation SLAs across infrastructure, applications, and third‑party components; track progress through metrics dashboards.

Governance, Risk & Compliance

• Lead annual NIST 800-53 / HIPAA risk assessment and drive POAM remediation to closure.
• Maintain policy exceptions, risk records, and metrics dashboards for C-suite and Optum ESRO reporting. Serve as audit liaison for SOC 2, HITRUST, and customer assessments.

Identity & Access Management

• Standardize role-based access across Azure, on-prem AD, and SaaS applications; champion privileged-access workflows.
• Oversee federation and MFA strategy for internal staff and external pharmacy customers.

Incident Preparedness & Response

• Act as technical lead for escalated incidents; refine playbooks for ransomware, ePHI exposure, and third-party compromise.
• Coordinate tabletop exercises with Genoa SOC and Optum Cyber Defense.

Leadership & Delivery

• Mentor Security Engineers and SOC team members
• Translate complex risk into business language for pharmacy operations, legal, and finance stakeholders. Manage security budget line items and vendor relationships.

Qualifications:

Required qualifications

• Bachelor's degree in an IT related discipline or equivalent experience.
• 3+ years of business experience in technology and/or technology/security audit
• 3+ years’ experience with securing public cloud platforms (AWS, Azure, GCP).
• 1+ years of experience interacting with an executive audience.
• 1+ Experience with practical interpretation and application of policy and standards.
• Proven track record running enterprise vulnerability management and remediation programs.
• Experience presenting risk and remediation strategy to VP/C‑level leaders.
• Experience with practical interpretation and application of policy and standards.
• Working knowledge of HIPAA Security Rule, NIST 800‑53, and privacy principles.

 

Preferred qualifications

• Security certifications (CISSP, CCSP, Azure Security Engineer, HCISPP)
• Experience integrating with large to enterprise security programs.
• Prior leadership of a small security engineering or GRC team.
• Customer-facing leadership experience (e.g., support or client services).
• Hands‑on expertise securing Microsoft Azure and Microsoft 365 (IAM, networking, Defender, Sentinel, Purview).
• Proficiency in Python and PowerShell scripting for security automation, tooling and integration.

Physical Demands and Work Environment:

The physical demands described here are representative of those that should be met by an employee to successfully perform the essential functions of this job:

• May sit or stand seven (7) to ten (10) hours per day
• The employee is occasionally required to sit; climb or balance; and stoop, kneel, bend, crouch, walk, crawl intermittently
• May be necessary to work extended hours as needed
• May lift and/or move up to 25 pounds
• The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this role

Knowledge, Skills, and Abilities:

• Relates well to constraints experienced by business partners and finds practical, win-win solutions
• Analyzes customer needs; ensures solutions meet business and security requirements
• Holds self and others accountable for meeting customer needs and expectations in a timely, professional manner
• Maintains high personal accountability; takes ownership of issues, develops effective remediation approaches, and drives for results
• Employs business acumen to develop appropriate solutions and solve problems - understands business risks and business objective
• Understands health care delivery and provider environments
• Able to translate business needs into information security requirements
• Ability to communicate technical security risks in a manner that resonates with business leaders
• Able to establish and manage to a planned set of related activities with a focus on hitting deadlines

We Offer:

PharmScript offers a robust suite of benefits to support employees and their families.

Health and Wellness Benefits

• Medical, Prescription Drug, Dental, and Vision coverage for you and your eligible dependents
• Maternity care program and infertility services
• Tax-favored Health Savings Accounts, Healthcare, and Dependent Care Flexible Spending Accounts
• EAP Assistance Program with 24/7 access to free counseling, legal guidance, and financial resources

Paid Time Off and Holidays

• 15 PTO days annually and 6 paid/floating holidays

Retirement Planning

• 401(k) retirement planning with company match

Commuter Benefits

• Transit/Parking Spending Account

Voluntary Benefits

• Employee Life and Accidental Death & Dismemberment, Short/Long-term Disability, Critical Illness, Accident, and Hospital Indemnity plans are available for you and eligible dependents

Other Perks and Benefits

• Legal & Identity Theft Protection Programs
• Employee Discounts: Instant savings on hundreds of products and services
• Pet Insurance
• Employee Support Program to eligible employees in times of urgent need

Pay Transparency:

To reinforce our commitment to fair and equal pay transparency, PharmScript’s compensation is based on multiple non-discriminatory, individualized factors including but not limited to experience, job-related knowledge, education, skills, and office/market location.

EEO Statement:

PharmScript is fully committed to employing a diverse workforce. We recruit and retain talented individuals without regard to gender, race, age, marital status, disability, veteran status, sexual orientation and gender identity or any other status protected by federal, state, or local law.

EO/Minorities/Females/Disabled/Veteran

Min:USD $97,600.00/Yr.Max:USD $146,400.00/Yr. Candidarsi ora