Senior Engineer, IT & Information Security Automation

Who We Are:

SmithRx is a rapidly growing, venture-backed Health-Tech company.  Our mission is to disrupt the expensive and inefficient Pharmacy Benefit Management (PBM) sector by building a next-generation drug acquisition platform driven by cutting edge technology, innovative cost saving tools, and best-in-class customer service.  With hundreds of thousands of members onboarded since 2016, SmithRx has a solution that is resonating with clients all across the country.

We pride ourselves for our mission-driven and collaborative culture that inspires our employees to do their best work. We believe that the U.S healthcare system is in need of transformation, and we come to work each day dedicated to making that change a reality. At our core, we are guided by our company values:

• Integrity: Our purpose guides our actions and gives us confidence in the path ahead. With unwavering honesty and dependability, we embrace the pressure of challenging the old and exemplify ethical leadership to create the new.
• Courage: We face continuous challenges with grit and resilience. We embrace the discomfort of the unknown by balancing autonomy with empathy, and ownership with vulnerability. We boldly challenge the status quo to keep moving forward—always.
• Together: The success of SmithRx reflects the strength of our partnerships and the commitment of our team. Our shared values bind us together and make us one. When one falls, we all fall; when one rises, we all rise.

Job Summary:

We are seeking a Senior Engineer, IT & InfoSec Automation to act as a force multiplier for our technical teams. This is a "build-from-the-ground-up" opportunity to design and implement automations that connect our systems to create new capabilities.

Your primary focus is to eliminate manual toil. You will solve ambiguous, open-ended problems by building and maintaining automated workflows for everything from employee onboarding and access control to security incident response and vulnerability management. You are a true "DevSecOps" champion, and your work will directly improve our efficiency, compliance, and security posture.

What you will do:

• Architect & Build: Design, build, and maintain scalable, resilient automation workflows connecting our diverse SaaS and cloud ecosystems (e.g., Okta, Google Workspace, AWS, Jira, and various security tools).
• IT & Identity Automation: Own the automation of the entire employee lifecycle (onboarding, offboarding, role changes). You will ensure access is provisioned consistently, correctly, and with zero manual intervention.
• Security Orchestration (SOAR): Develop and maintain security playbooks to automate our incident response (IR) processes. This includes alert ingestion from our SIEM, data enrichment, and automated containment or remediation actions.
• Vulnerability Management Automation: Integrate our vulnerability scanners with asset inventories and ticketing systems. You will build the process that automatically identifies owners, creates remediation tickets, and tracks vulnerabilities to closure.
• Compliance Automation: Partner with our GRC/compliance teams to build automated checks and evidence-gathering processes for our security controls (e.g., HIPAA, SOC 2) using our GRC automation platforms.
• Mentorship & Leadership: Act as the team's subject matter expert on automation. You will mentor junior engineers, define technical best practices, and help level up the entire team's automation skills.

What you will bring to SmithRx:

• Experience: 8+ years in a senior-level engineering role such as Security Engineering, DevOps, SRE, or Systems Engineering.
• Education: Bachelor’s degree in Computer Science, Information Technology or a related field, or relevant work experience required in lieu of a degree.
• Core Skills:
  • Expert-level scripting: Deep proficiency in a language like Python for building complex scripts and interacting with APIs.
  • Identity & Access Management (IAM): Hands-on experience with an IdP like Okta, including lifecycle management, API usage, and advanced workflows.
  • Security Principles: Strong, practical knowledge of InfoSec domains, including incident response, vulnerability management, and access controls.
  • Cloud & Infrastructure: Familiarity with public cloud environments (AWS) and Infrastructure as Code (Terraform).
• Senior-Level Mindset:
  • You are an expert at identifying the right solutions for ambiguous, open-ended problems.
  • You can autonomously define and deliver a technical roadmap for a complex project, often involving cross-team dependencies.
  • You are a strong collaborator who can build relationships across teams (IT, Engineering, HR) to drive projects to completion.
• Bonus Points:
  • Experience with SOAR platforms (e.g., Splunk SOAR, Palo Alto XSOAR, Tines) and automation techniques.
  • Relevant industry certifications (e.g., GCIH, GCFA, GNFA, GREM, AWS Security Specialty).
  • Experience with threat hunting and purple teaming methodologies and tools.
  • Strong track record of mentoring junior team members.

What SmithRx Offers You: 

• Highly competitive wellness benefits including Medical, Pharmacy, Dental, Vision, and Life Insurance and AD&D Insurance
• Flexible Spending Benefits 
• 401(k) Retirement Savings Program 
• Short-term and long-term disability
• Discretionary Paid Time Off 
• 12 Paid Holidays
• Wellness Benefits
• Commuter Benefits 
• Paid Parental Leave benefits
• Employee Assistance Program (EAP)
• Well-stocked kitchen in office locations
• Professional development and training opportunities