Technical Lead, Security Engineering

About Velsera

Medicine moves too slow. At Velsera, we are changing that.

Velsera was formed in 2023 through the shared vision of Seven Bridges and Pierian, with a mission to accelerate the discovery, development, and delivery of life-changing insights.

Velsera provides software and professional services for:

• AI-powered multimodal data harmonization and analytics for drug discovery and development
• IVD development, validation, and regulatory approval
• Clinical NGS interpretation, reporting, and adoption

With our headquarters in Boston, MA, we are growing and expanding our teams located in different countries!

What will you do?

• Lead and mentor the Security Engineering team, fostering technical excellence and professional growth.
• Conduct security assessments across cloud, applications, and networks.
• Implement, configure, and manage security tools and technologies:

1. CrowdStrike EDR & SIEM
2. CrowdStrike CSPM for cloud posture management
3. SOAR platforms (e.g., CrowdStrike Fusion, XSOAR, or equivalent) to automate detection, response, and playbooks
4. Nessus for vulnerability management
5. BurpSuite for application security testing
6. Palo Alto Firewalls for network security controls

• Drive cloud security strategy and best practices for AWS workloads (IAM, GuardDuty, Security Hub, KMS, CloudTrail, Config, etc.).
• Lead security architecture reviews and collaborate with DevOps, Engineering, and Operations to prioritize and remediate vulnerabilities.
• Oversee security event monitoring, incident investigations, and automated response playbooks.
• Partner with GRC teams to lead security audits and ensure compliance with ISO 27001, HIPAA, and FedRAMP.
• Develop playbooks, security controls, and automated workflows for scalable security operations.
• Stay up to date with emerging threats, vulnerabilities, compliance trends, and new technologies.

What do you bring to the table?

8–10 years of hands-on experience in Security Engineering, Cloud Security, or related roles, with at least 2+years in a lead/mentorship capacity.

Proven expertise with:

• CrowdStrike EDR & SIEM
• CrowdStrike CSPM (cloud posture management, misconfigurations, compliance monitoring)
• SOAR platforms (automation workflows, incident orchestration, playbook design)
• Nessus for vulnerability scanning & remediation workflows
• AWS security services (IAM, GuardDuty, Security Hub, KMS, CloudTrail, etc.)
• Experience on AppSec tools like BurpSuite
• Network Security with Palo Alto Firewalls (policy management, threat prevention)
• Experience supporting GRC programs and leading external audits (ISO 27001, HIPAA, FedRAMP).
• Strong understanding of security principles, incident response, and secure system design.
• Proficiency in Linux/Unix system administration and working knowledge of Windows/macOS.
• Excellent stakeholder management, communication, and cross-functional collaboration skills.
• Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive
• Excellent communication and presentation skills
• Proficiency in spoken and written English
• Certifications preferred: CISSP, CCSP, or equivalent