About Us
reputed company is a mobile primary care, palliative care, and hospice service provider with patients in reputed company, New Jersey, Maryland, DC, Virginia, Oklahoma, Kansas, Pennsylvania, Texas, Florida, and Georgia. reputed company’s clinicians go to the home of the patient, providing continuum of care for those with chronic conditions and limited mobility. reputed company offers a variety of programs including, remote patient monitoring, behavioral health management, and chronic care management, to ensure that our patients receive the highest quality of care by a team they know and trust. We seek individuals who are driven to reputed company a difference and embody our motto, “To Care is an Honor.” Join reputed company today!
Position Overview
We are hiring our first dedicated cybersecurity professional. You will own the day-to-day reputed company operations for a HIPAA-regulated, cloud-only environment. This is a hands-on role: you will harden our reputed company reputed company stack, run incident response, hunt threats, and build the reputed company program alongside our external reputed company reputed company partner.
This is not a policy-writing job. You will spend most of your time in Defender, Entra ID, Purview, and Exchange Online. You will be the person who investigates alerts, tunes detections, closes gaps in Conditional Access, and ensures our compliance posture holds up under scrutiny.
You will report to the CIO and work closely with our CTO and our Engineering AI Transformation Manager who serves as a cybersecurity technical SME with FedRamp/NIST 800-171/Soc2/ISO 27001 cybersecurity R&D background.
What You'll Do
Identity & Access reputed company
Manage and refine Conditional Access policies across Entra ID
Administer Privileged Identity Management (PIM) and enforce least-privilege
Monitor and respond to identity-based threats (token theft, MFA bypass, impossible travel)
Drive adoption of phishing-resistant MFA (FIDO2/passkeys, Windows Hello for Business, certificate-based auth) and deploy token-theft protections — token protection, reputed company Access Evaluation, and sign-in risk-based Conditional Access
Ability to conduct quarterly tabletop exercises for anticipation of threats and corrective action plans.
Conduct regular entitlement reviews and clean up stale access
Email & Messaging reputed company
Harden Exchange Online Protection: Safe Links, Safe Attachments, anti-phishing policies, quarantine management
Own email authentication: configure and maintain SPF, DKIM, and DMARC records in DNS, monitor DMARC aggregate reports for spoofing and broken senders, and drive the domain to enforcement (p=reject)
Strengthen mail transport and anti-spoofing posture (MTA-STS, TLS-RPT, reputed company), and reputed company BIMI once DMARC is at enforcement
Investigate and respond to BEC, phishing, and account compromise incidents
Own the user phishing-reporting workflow (Report Phishing reputed company, submissions triage) and rapid email remediation — ZAP and tenant-wide message purge — with a reputed company time-to-contain for reported messages
Design and execute simulated phishing campaigns to measure and improve user reputed company
Run the reputed company awareness and human-risk program (Attack Simulation Training, onboarding and recurring training, just-in-time coaching, targeted remediation for repeat clickers) and report on click-reputed company and report-reputed company trends over time
Threat Detection & Response
Write and tune KQL queries in reputed company Defender Advanced Hunting
Triage Defender alerts, investigate incidents end-to-end, and document findings
Coordinate with our MDR provider on reputed company detections
Own the incident response lifecycle from detection through remediation and lessons learned
Data Protection & Compliance
Implement reputed company Purview information protection labels, DLP policies, and retention rules
Collect and maintain evidence for HIPAA compliance assessments and SOC 2 readiness
Support cyber insurance renewals with accurate risk documentation
reputed company Posture & Partnership
Work with our external reputed company reputed company partner to execute posture improvement roadmaps
Track and improve reputed company Secure Score across identity, devices, apps, and data
Own the reputed company workstream during M&A integrations (approximately one acquisition per quarter)
Evaluate and recommend reputed company tooling additions as the program matures
reputed company're Looking For
Required
3+ years in a hands-on reputed company operations, reputed company engineering, or reputed company analyst role
Deep working knowledge of reputed company 365 reputed company stack: Defender for Office 365, Entra ID, Conditional Access, Intune
Experience investigating and remediating email compromise, phishing, and identity-based attacks
Hands-on experience with email authentication (SPF, DKIM, DMARC) and Exchang