• Analyzing vulnerabilities by extracting findings from platforms like Wiz, Vulcan, Grype, and Tenable, while quantifying infrastructure impact for prioritization. • Creating AI automations streamlining security operations: auto-triaging and containing SIEM while prioritizing vulnerability data from integrated tools effectively. • Engineering tools for signal quality by designing correlation searches, refining detection rules, and automating SOAR playbooks to reduce false positives efficiently. • Ensuring remediation governance by creating tickets, assigning owners, enforcing deadlines, and verifying fixes through rescans and evidence collection thoroughly. • Creating visibility and KPIs by managing dashboards tracking vulnerabilities, remediation speed, SLA adherence, MTTR/MTTD, patch age, and risk trends. • Monitoring SIEM telemetry, triaging alerts, containing and eradicating threats, and leading root-cause analysis alongside post-mortem evaluations. • Strengthening controls by mapping emerging TTPs (MITRE ATT&CK) to defenses, recommending detections, and implementing safeguards across cloud, container, and on-prem environments.

• Run FedRAMP Continuous Monitoring (ConMon) processes and ensure successful monthly reviews with ExtraHop and agency stakeholders; manage asset inventory, vulnerability scan findings, and the Plan of Action & Milestones (POA&M) document • Manage vulnerability detection and response pipelines, including tools, reporting and tracking • Lead the vulnerability management lifecycle: triage, reporting, coordination with system owners, and remediation tracking • Develop and provide vulnerability findings and responses for internal and external stakeholders, including customers • Collaborate with the Director of Product Security to handle customer and pre-sales security inquiries • Assist in addressing compliance requirements for various standards, (e.g., CSA STAR, ISO 27001, DoDIN APL, NIAP, FIPS, CMMC, IL4), supporting gap assessments and facilitating audits (including coordinating evidence collection and submission) • Develop a product security compliance roadmap and coordinate key activities across the organization to achieve milestones • Collaborate with Product Security team members to develop and improve standards, policies, procedures, documentation, and training • Work with security information & event management (SIEM) tooling and other systems to perform security investigations • Perform and/or lead security incident response activities • Participate in an on-call rotation with occasional after-hours paging to review carefully prioritized security detections

Role Description At Machinify, we’re building a robust security program to protect our clients’ sensitive healthcare data and maintain the highest standards of information security. As part of the Security team, you will play a central role in managing our security assurance operations — helping ensure that customer requests, audit activities, and compliance processes run smoothly and efficiently. This is an entry-level role suited for someone detail-oriented, hardworking, and intellectually curious. A background in cybersecurity is helpful but not required. We’ll consider candidates with experience in business operations, finance, accounting, or related fields who demonstrate strong organizational instincts and a commitment to doing things right. What You’ll Do - Security Assurance Operations (60% of role) - Own the intake process for security assurance requests: review incoming tickets, triage and prioritize work, assign tasks to the appropriate team members, and track requests to resolution. - Resolve routine and straightforward security inquiries and questionnaire items independently. - Communicate clearly with internal stakeholders and customers throughout the assurance process, setting expectations and providing status updates. - Respond to customer security questionnaires and audit requests with accuracy and timeliness, escalating complex items as appropriate. - Maintain the security documentation repository and ensure materials are current and accessible. - Support customer-facing security calls and presentations alongside senior team members. - Audit and Compliance Support (25% of role) - Assist with HITRUST r2 and SOC 2 audit preparation and evidence collection. - Help coordinate audit activities across internal teams, tracking open items and deadlines. - Support access review processes and other recurring compliance activities. - Assist with security policy and procedure maintenance. - General Security Program Support (15% of role) - Track and report on security metrics and assurance request status. - Support vendor risk assessment activities. - Assist with security awareness efforts and documentation as needed. - Participate in security incident response when needed. Qualifications - Bachelor’s degree in Information Security, Business, Operations, Finance, Accounting, or a related field, or equivalent work experience. - Strong attention to detail and follow-through — you catch things others miss and see tasks through to completion. - Excellent written and verbal communication skills, including comfort communicating with external clients. - Ability to manage multiple concurrent requests and prioritize effectively in a fast-paced environment. - Strong problem-solving orientation; you approach unfamiliar situations with curiosity and good judgment. - Proficiency with productivity and work-tracking tools (ticketing systems, spreadsheets, document management). Requirements - 1–2 years of experience in operations, compliance, audit support, finance, or a related field. - Exposure to information security concepts, frameworks (NIST, HITRUST, SOC 2), or HIPAA compliance. - Experience in healthcare, healthcare technology, or working with regulated data environments. - Familiarity with GRC or security assurance workflows. Benefits - Work from anywhere in the US! Machinify is digital-first. - Top Medical/Dental/Vision offerings. - FSA/HSA. - Tuition reimbursement. - Competitive salary, 401(k) with company match. - Additional health and wellness benefits and perks. - Flexible and trusting environment where you’ll feel empowered to do your best work.

• Apoiar a equipe comercial na qualificação, apresentação e proposição de soluções de segurança que sejam aderentes a necessidade dos clientes; • Realizar adoção de soluções de segurança implantadas, potencializando o benefício das soluções para os clientes; • Desenvolver projetos técnicos detalhados, prezando pela aderência e adequação às características de cada cliente; • Realizar a implantação de soluções de segurança no ambiente dos clientes de acordo com boas práticas recomendadas e procedimentos internos da Teltec; • Executar atividades corretivas ou evolutivas no ambiente de infraestrutura dos clientes; • Documentar atividades e trabalhos realizados nos projetos durante a fase comercial e após a implantação dos projetos; • Realizar treinamentos técnicos orientados a soluções específicas dos clientes; • Atender solicitações técnicas de 3º nível originadas pelo Service desk; • Promover conhecimento aos analistas, transferindo e multiplicando seu conhecimento e experiência dentro da equipe.