For 25 years, DrFirst has empowered providers and patients to achieve better health through intelligent medication management. We improve healthcare workflows and help patients start and stay on therapy with end-to-end solutions that enhance prescription access, affordability, and adherence. Our solutions help 100 million patients a year and are used by more than 420,000 prescribers, 71,000 pharmacies, 270 EHRs and health information systems, and over 2,000 hospitals in the U.S. This is a great opportunity to be a part of a successful Healthcare IT company experiencing significant growth. Here you'll get to work with some of the smartest and most interesting people around; solving unique and complex challenges in healthcare on a scale matched by a few companies. If you get excited about stretching yourself in new ways, developing yourself to your fullest potential, care about working with smart colleagues; we want to talk to you!
At DrFirst, we play in the major leagues. Our 5-person security team covers what most organizations staff with ten or more — not by working longer, but by working smarter. We are looking for engineers committed to advancing our security program for the benefit of our team, our customers, and the patients we serve.
We are looking for a different kind of security engineer — a true engineer, not an analyst. You learn continuously and deploy often. You implement as fast as you learn, outpace your peers, and use Claude the way a top-tier engineer builds software — to accelerate delivery by offloading the repetitive and mundane. You believe results speak louder than words, and you are confident enough to show incremental progress quickly and course correct rapidly. That momentum compels you to do more — and you believe, correctly, that delivering results earns respect and reward. If you have been looking for a team worthy of what you can do — keep reading.
This is a domain ownership role. You report directly to the VP Security and work alongside two Principal Security Engineers (PSE1: application security, DevSecOps, AWS network; PSE2: GCP network, unified logging, corporate services, customer-facing security, incident management, and audit delivery). You own your domains, contribute to shared goals, and operate as a peer.
Domain
Scope
Cadence
Corporate Security Operations
Inbox, questionnaires, VRAs, KnowBe4 training and phishing campaigns, onboarding/offboarding compliance, remote worker compliance, endpoint and allowlist controls, policy maintenance, Okta and corporate tool implementation, website and public domain compliance monitoring, data governance implementation
Steady state
Production Alert Triage
AWN, SentinelOne, Proofpoint, Splunk, AWS Security Hub, GCP Security Command Center, Tenable, Zscaler (ZIA/ZPA), endpoint software detection — triage, tuning, escalation to PSE1 (infrastructure) or PSE2 (customer incidents)
Steady state
Audit Evidence Collection
SOC 2 / HITRUST evidence for all controls mapping to your owned domains. PSE2 project manages; you own your evidence slice independently — April through June and August through September
Seasonal burst
Strategic initiatives you step into from day one
• Data governance — retention policy framework in progress; drive implementation by data stream and category, coordinate purge processes across email and corporate data stores
• De-identification service — service is built; drive production data through it to reduce PII/PHI retention exposure across relevant systems
• Corporate Claude environment — own the security architecture, guardrails, and governance for non-engineering staff using Claude for automation and data access via MCPs
How We Work
Our team's DNA is to use Claude to eliminate the manual, repetitive work that consumes capacity — so we can focus on what moves security forward.
What that looks like in practice: a member of our security team automated vulnerability triage across 100 code repositories using Claude Code — a task that previously required manually reading through each finding to determine true vulnerability from false positive. The result was approximately 50% of their capacity freed to focus on critical work. On the compliance side, we overhauled our entire SOC control set — mapping to HITRUST i1, NIST 171, and HIPAA — and increased framework inheritance from 30% to 95%. What would have taken four weeks was completed in 72 hours. This is how we work. This is what we expect from you.
You will be self-directed. With that autonomy comes the accountability to produce results early and often — closed items, not status updates. You set the goal, the strategy, and the plan, and you show momentum within days. You have a proven track record of getting other teams to prioritize your initiatives because your competency earns their respect. Security sets the strategy, Corporate Services implements, and you make that relationship work. Issues that could be closed within a few days do not get pushed two to three weeks out by default.
Think You Can Do This? Here Is What Day 30 Looks Like.
You are energized by opportunity and action. You hit the ground running. By the end of your first 30 days:
✓
Security inbox is owned and running clean — response times consistent, VRA backlog current, customer questionnaire library updated
✓
Alert triage cadence is established — first tuning improvements documented and implemented
✓
At least one Claude automation is live — not planned, not in progress — shipped, with measurable time savings
✓
At least one process improvement identified AND delivered — something nobody asked for
✓
Coming to scrums with closed items and next actions — not updates on what you are still figuring out
✓
Other teams already know your name because you reached out, made the case, and got something moving
✓
You have a clear point of view on at least one strategic initiative and have shared it with the VP
Experience
AI-Augmented Engineering — Non-Negotiable
Stack Experience — Preferred
Core Attributes
#LI-GF1 #LI-Remote
We offer highly competitive compensation — base salary plus structured bonus — that reflects the seniority, breadth, and strategic impact of this role. Strong performers are recognized and rewarded. We invest in people who deliver results and genuinely care about advancing security for DrFirst and the patients and providers we serve.
DrFirst is committed to being a Remote-First company, creating a dynamic and flexible workplace where everyone can thrive, no matter where they log in from. Check out our approach to remote work https://drfirst.com/company/about-us/careers/.
Our recruitment process at DrFirst is straightforward and secure. You will only be contacted by our recruitment team through an official @drfirst.com email address. We will never ask you for payment or sensitive personal information, such as your social security number or banking details, at any stage of the hiring process. Additionally, we will not request that you purchase equipment or accept e-checks or checks for deposit. If you encounter any communications claiming to be from DrFirst that seem suspicious, please contact our recruitment team directly at recruiter@drfirst.com to verify the message's authenticity. Your security is important to us!
Learn more about our benefits and professional development opportunities https://drfirst.com/company/about-us/careers/the-perks/.
DrFirst has been transforming medication management for 25 years, helping providers and patients navigate a complex and often fragmented healthcare system.
After all, “first” isn’t just in our name—it’s a fundamental part of who we are as a company.
We were first to bring real-time price transparency into prescribing workflows and first to enable e-prescribing for controlled substances—solutions that are now standard across the industry.
DrFirst has won over 25 awards for excellence and innovation, including winning Gold in the prestigious Edison Awards in 2023, recognizing our game-changing use of clinical-grade AI to streamline time-consuming healthcare workflows and prevent medication errors.
Why It Matters: Medication management is full of roadblocks such as friction-filled workflows, outdated systems, regulatory complexity, and disconnected stakeholders. The result? Delays in care, high medication abandonment rates, and poor adherence that negatively impact patient outcomes.
DrFirst tackles these challenges with end-to-end solutions that support:
Prescribing: Adaptable workflows that deliver the right information at the right time to boost efficiency and improve outcomes.
Adherence: Innovative solutions that inform patients and providers to increase medication access and affordability.
Optimization: Clinical-grade AI that aggregates fragmented data from multiple sources and fills-in gaps to deliver clean, complete, and consumable information at the point of care.
