Sr. Security Engineer (Remote)

Join Us!
Take the next step in your journey at Inspira Financial. You will help businesses and individuals thrive today, tomorrow, and into retirement. Become part of a company that is people centric and client obsessed in every interaction; a community of forward-thinking individuals focused on driving results to deliver our mission with an unwavering commitment to integrity. Join us as we strengthen and simplify the health and wealth journey -- relentlessly pursuing better outcomes for all. We believe in finding the best talent! While some roles are based at one of our office locations, remote roles can sit in any of the following states: AL, AZ, FL, GA, IA, IL, IN, MI, MN, MO, NC, NE, PA, SC, TN, TX, UT, VA and WV. Remote status and role locations are subject to change. Relocation is not provided.
Employees within a 90-minute radius of our Oak Brook, IL headquarters are required to adhere to the company in-office work guidelines of 4 days per month minimum from 10 am to 2 pm (1 of the 4 days must be a Monday or Friday).
This requirement does not apply to support specialist positions.
Don't meet every single requirement? Here at Inspira Financial, we believe there is no "perfect" candidate and want to encourage applying even if all the requirements listed aren't met. Our goal is to build an authentic workplace by valuing diversity in our candidates. We work to ensure that our team reflects the diversity of the businesses and clients we serve. We are always looking to expand our growing team with dynamic and enthusiastic individuals. If you enjoy a collaborative, fun environment that champions career development, Inspira Financial is the place for you! We look forward to receiving your application! Check out this Inspira Financial video to learn more about our company!
Inspira Financial provides health, wealth, retirement, and benefits solutions that strengthen and simplify the health and wealth journey. With more than 7 million clients, representing over $62 billion in assets, Inspira works with thousands of employers, plan sponsors, recordkeepers, TPAs, and other institutional partners -- helping the people they care about plan, save, and invest for a brighter future. Inspira relentlessly pursues better outcomes for all with our automatic rollover services, health savings accounts, emergency savings funds, custody services, and more. Learn more at inspirafinancial.com .
We have been recognized for our remarkable growth on lists such as Crain's Fast 50 and Inc. 5000, and for our outstanding workplace culture and benefits with Built In's 2025 Best Places to Work and Gallagher's 2022 Best-In-Class Employer awards.
Job Summary & Responsibilities
The Senior Security Engineer, Risk & Controls focuses on compliance-related risk, research, policy, and process or technology control improvement projects in support of the Inspira Security Team and its stakeholders. This position helps reduce risk by proactively ensuring that the company is following current compliance and other standards-based requirements and is additionally prepared for emerging requirements. The Senior Security Engineer, Risk & Controls will fulfill these duties by collaborating with internal and external audit teams, IT management, corporate accountants, consultants, and other stakeholders to ensure project deliverables are met. Strong knowledge of governance frameworks, security best practices, and IT General Controls is essential for this position.
Essential Job Duties and Responsibilities:

• Perform technical internal audits and develop testing methodologies of company controls, including but not limited to data center, critical application, and user account access
• Draft new workflows, including impact statements on how revised processes shall be incorporated into daily tasks
• Complete Security Questionnaires and maintain knowledge base with common client-facing responses
• Assist with Third Party Risk Management assessments and improve overall processes and outputs
• Prioritization of deliverables from due diligence and audit findings
• Centralize and maintain evidence of security controls required for audits, including but not limited to HIPAA, PCI, and SOC 2
• Manage critical vendor security and risk assessments including initiation and results evaluation.
• Employ a cross-disciplinary approach that comprehends risk/policy/technology
• Research best practices around security controls and determine the best options to meet multiple security compliance initiatives
• Identify operations and business functions that may require control improvements
• Identify and develop training related to controls governance or technical implementation of controls
• Understand administrative, technical, and operational controls related to compliance with security standards and best practices
• Understand information risk management concepts and application, perform internal risk assessments
• Understand and follow information security best practices, company policies, and information security standards that impact this role, including use of any tools, technologies, services, and processes
• Participate in the evaluation and selection process for enterprise solutions to achieve compliance, including the development of technical requirements and application assessments
• Act as the technical liaison to company-wide functional areas to ensure adherence to compliance regulations and company standards
• Revise security policies and other documentation as determined by business needs and evolving security program requirements
• Resolve and complete service requests and assist in the resolution of due diligence, audit, or other compliance related incidents as assigned

Accountabilities:

• Contribute to the overall success of the company by performing all assigned duties in a professional, timely, and accurate manner in accordance with established company procedures.
• Follows Inspira's Guiding Principles.
• Follow Inspira's standard operating procedures for your department.
• Act as a team player and work cooperatively with team members.
• Ensure compliance with regulations and company policies regarding security of Protected Health Information (PHI) and Personally Identifiable Information (PII).
• Demonstrate the integrity and discretion necessary to safeguard confidential data handled or obtained in the normal performance of job duties at all times.

Preferred Qualifications
Education and Experience:

• 6+ years of professional experience related to security compliance audits
• Bachelor's Degree in Business, IT, Cybersecurity or related field with focus on information systems preferred
• Experience in business continuity planning, disaster recovery
• Subject matter expert in regulatory environments, privacy and cybersecurity policies
• Experience in policy, procedure/standards development creation and implementation of security/compliance
• Significant experience with third-party risk management, due diligence process, SOC2, PCI, HIPAA, and State-RAMP assessments, and technical project management.
• Compliance policy experience

Special Requirements:

• Ability to occasionally work outside normal business hours to meet project deadlines as needed.

Knowledge, Skills, and Abilities:

• Understand data security standards and frameworks
• Understand PHI requirements and controls and how they pertain to HIPAA
• Comprehend PCI regulations and ensure that all payment card processing meets PCI regulations
• Experience with regulatory and industry requirements such as PCI-DSS, FERPA, GLBA, HIPAA, DFARS, CMMC, etc
• Ability to analyze complex business functions to evaluate risks and potential security and compliance issues
• Experience building and maintaining Standard Information Gathering (SIG) documentation
• Strong communication and collaboration skills for working across departments to respond to client requests
• Can adapt to shifting priorities, demands, and timelines through analytical and problem-solving capabilities.
• Familiar with SecureFrame or other similar security and compliance platforms
• Familiar with responding to due diligence questionnaires and collecting supporting evidence
• Ability to work independently while attending to detail and raising issues proactively

Compensation & Benefits
$106,000-$134,000 per year