Senior Security Engineer
Listed on 2026-07-09
-
IT/Tech
Cybersecurity
Job Description
You will be working in Butterfly’s fast‑growing Information Security (Info Sec) team to better meet the needs of our customers in the global healthcare sector. As a Security Engineer, you will work closely with our Dev Ops, Hardware, Software, AI, Risk Management, Audit, Quality, and Cloud Engineering Teams to secure our product and our cloud security architecture.
Responsibilities- Assess, triage, and prioritize security alerts from logging and monitoring systems.
- Manage incident response and breach mitigation.
- Conduct vulnerability assessments, determine deviations from acceptable configurations, and assess risk levels; recommend mitigation countermeasures.
- Collaborate with Legal, Compliance, and HR on discovery and investigation requests.
- Collaborate with IT, Cloud Operations, and Engineering to secure the AWS environment.
- Design, implement, configure, support, and maintain security and IT solutions and tools (SIEM, IAM, MDM, EDR, vulnerability management, zero‑trust networking, DLP).
- Keep abreast of tools, techniques, and process improvements to support security detection and analysis.
- Lead digital forensic activities, including collecting, processing, preserving, analyzing, and presenting evidence.
- Perform cyber defense analysis using tools such as IDS, firewalls, and AWS Cloud Trail.
- Help mature and maintain an Incident Response Program.
- Develop playbooks, work instructions, process flows, risk assessments, and automation solutions.
- Collect evidence and artifacts for audit and accreditation purposes.
- Contribute to executive presentations of Info Sec state and environment.
- Provide 24x7 coverage on a rotational basis, including nights, weekends, and holidays.
- Support the CISO with additional security initiatives and projects as needed.
- Preferred 4+ years of cybersecurity experience or comparable IT experience working with an Info Sec organization.
- Experience investigating cybersecurity events and incidents using a full suite of alerting and response tools, digital forensics, or malware analysis.
- Experience with a major SIEM system;
Splunk is preferred. Ability to write Splunk Search Processing Language queries, create dashboards, and produce reports. - Strong understanding of networking basics, including firewalls, WAF, VPC, and zero‑trust networking.
- Firsthand experience with Vulnerability Management (Rapid7 preferred) and ability to perform scans, produce reports, and track remediation.
- Experience with Endpoint Detection and Response (Crowd Strike Falcon preferred) and Cloud Security Posture Management; ability to write policies, triage alerts, and deploy agents.
- Experience with Identity Access Management (Entra ) and configuration of SSO, user/group management, access reviews, and MFA.
- Experience with zero‑trust networking (Zscaler Private Access preferred) for connectors, applications, policies, and troubleshooting.
- Strong familiarity with NIST 800‑53 Rev‑5 and ISO 27001.
- Strong project management skills (PMP, Six Sigma, or Agile).
- Excellent communication skills at all levels.
- CISSP, GIAC, or AWS Certified Security Specialty a plus.
Hybrid position based in New York City, NY. Team members spend two or more days a week in the office.
Equal Employment Opportunity StatementButterfly Network is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, gender, sexual orientation, disability, or any other protected status. All applicant information will be kept confidential in accordance with applicable EEO guidelines.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).