Senior Security Engineer - Endpoint

Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. Together, we power breakthrough medical discoveries, accelerate regulatory-grade evidence, and improve patient care. Today, Truveta enables research on more than 130 million de-identified patients across the US.  

Achieving Truveta’s ambitious mission requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values. 

Who We Need  

Truveta is rapidly building a talented and diverse team to tackle complex health and technical challenges. We are seeking candidates inspired by the opportunity to securely apply data in the development of real-world health solutions. Beyond core capabilities, we seek problem solvers, passionate and collaborative teammates, and those willing to roll up their sleeves while making a difference.  We do things the right way. Our commitment to security and compliance assurance cannot be stressed enough. This position is critical to ensuring we are successful. 

If you are interested in the opportunity to pursue purposeful work, join a mission-driven team, and build a rewarding career while having fun, Truveta may be the perfect fit for you.  

This Opportunity  

The successful candidate will design and support solutions that support the company’s Digital Workplace strategy. They will work on leading edge technologies that help modernize endpoint management by leveraging the cloud to quickly deliver end-user improvements. 

Responsibilities: 

• Device Management: Define, implement and maintain endpoint hardening baselines for Windows, macOS, and Linux systems with MDM such as Microsoft Intune, and JAMF. 

• Policy & Hardening: Develop and enforce security policies, standards, and procedures for all endpoint devices. Implement system hardening configurations based on industry best practices. 

• Deploy & Manage Security Tools: Implement, configure, and maintain endpoint security solutions, including Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), antivirus/anti-malware software, and host-based firewalls. 

• Incident Response: Collaborate with IT and Security team to respond to endpoint-related incidents. Triage, remediate, and contain security incidents and threats on endpoints. Perform forensic analysis when necessary. 

• Vulnerability Management: Manage the endpoint vulnerability lifecycle, from discovery and assessment to remediation, using scanning tools and patch management systems. 

• Patch Management: Design and oversee the deployment of updates, security patches for operating system and applications. 

• Automation & Scripting: Develop scripts and automation (e.g., using Python, PowerShell) to streamline security operations, automate repetitive tasks, and improve response times. 

• AI Protection: Secure endpoints used for AI development, including devices accessing model weights, training data, and production inference systems, implementing guardrails on AI tool usage (e.g., prompt injection prevention in local LLM dev tools, restricted plugins/add-ons). 

• Data Loss Prevention: Enforce data loss prevention (DLP) and encryption policies on devices used to handle sensitive AI training datasets, including PHI/PII and proprietary corporation data. 

• On-call: Ability to participate in On-call rotation. 

• On-site: This position requires daily onsite work at Truveta office in Hyderabad. 

Qualifications 

• Experience: 3-5+ years of hands-on experience in an endpoint security, cybersecurity engineering, or similar role. 

• Technical Proficiency: Deep understanding of modern operating systems (Windows, macOS) and their architecture, configuration and deployment in a large enterprise environment. 

• Cloud Experience: Strong hands-on experience on Azure Cloud PC, VM, Azure Firewall and Azure Networking. 

• MDM Expertise: Strong hands-on experience on Microsoft Intune and JAMF administration, such as device enrollment, OS upgrade/patch, configuration, profile.  

• Policy Management: Define and assign compliance/security policies to ensure corporation devices meet organizational security standards. 

• Application Management: Strong hands-on experience on applications control, deployment, patch and upgrade. 

• EPM: Proven experience with industry-leading EPM platforms such as CyberArk and BeyondTrust to control user privileged access and provide advanced threat protection and vulnerability management. 

• Networking: Solid understanding of TCP/IP IPv4/v6, experience of office network (Routing / Switching / WAN, Wi-Fi & Security) management and network security concepts. 

• Security Principles: Strong knowledge of cybersecurity frameworks (e.g., NIST, MITRE), threat intelligence, and incident response methodologies.  

• Compliance: Experiences with SOC 2 Type 2, HITRUST, and ISO compliance frameworks. Interact with the compliance team to ensure the company compliant and remediate gaps during compliance finding and controls. 

• Collaboration: Excellent verbal and written communication/presentation, ability to explain complex technical concepts to both technical and non-technical audiences. 

Why Truveta?   

Be a part of building something special. Now is the perfect time to join Truveta. We have strong, established leadership with decades of success. We are well-funded. We are building a culture that prioritizes people and their passions across personal, professional, and everything in between. Join us as we build an amazing company together.   

We offer:   

• Interesting and meaningful work for every career stage   

• Competitive compensation   

• Comprehensive benefits with strong medical, dental, and vision insurance plans  

• 401K plan  

• Professional development for continuous learning   

• Work/life autonomy via flexible work hours and flexible paid time off  

• Generous parental leave  

• Regular team activities (virtual and in-person as soon as we are able)  

Truveta is committed to creating a diverse, inclusive, and empowering workplace. We believe that having employees, interns, and contactors with diverse backgrounds enables Truveta to better meet our mission and serve patients and health communities around the world. We recognize that opportunities in technology historically excluded and continue to disproportionately exclude Black and Indigenous people, people of color, people from working class backgrounds, people with disabilities, and LGBTQIA+ people. We strongly encourage individuals with these identities to apply even if you don’t meet all of the requirements.