Press Ganey

Compensation

Full Description

Company Description PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries—a status we earned over decades of deep partnership with clients to help them understand and meet the needs of their key stakeholders. Our earliest roots are in U.S. healthcare –perhaps the most complex of all industries. Today we serve clients around the globe in every industry to help them improve the Human Experiences at the heart of their business. We serve our clients through an unparalleled offering that combines technology, data, and expertise to enable them to pinpoint and prioritize opportunities, accelerate improvement efforts and build lifetime loyalty among their customers and employees. Like all great companies, our success is a function of our people and our culture. Our employees have world-class talent, a collaborative work ethic, and a passion for the work that have earned us trusted advisor status among the world’s most recognized brands. As a member of the team, you will help us create value for our clients, you will make us better through your contribution to the work and your voice in the process. Ours is a path of learning and continuous improvement; team efforts chart the course for corporate success. Our Mission: We empower organizations to deliver the best experiences. With industry expertise and technology, we turn data into insights that drive innovation and action. Our Values: To put Human Experience at the heart of organizations so every person can be seen and understood. Energize the customer relationship: Our clients are our partners. We make their goals our own, working side by side to turn challenges into solutions. Success starts with me: Personal ownership fuels collective success. We each play our part and empower our teammates to do the same. Commit to learning: Every win is a springboard. Every hurdle is a lesson. We use each experience as an opportunity to grow. Dare to innovate: We challenge the status quo with creativity and innovation as our true north. Better together: We check our egos at the door. We work together, so we win together. This is a 100% remote position but only considering applicants located in CST or EST time zones. Job Overview The Security Engineer is a member of PG Forsta’s Information Security team and is responsible for building and maintaining controls that manage information risk and security. The engineer is expected to build and maintain administrative, technical, and physical controls to secure PG Forsta data and keep PG Forsta in compliance with applicable laws, regulations, and contractual terms. We are seeking an Associate Security Engineer with excellent interpersonal communication and vulnerability management skills to join our security team. This role will focus on vulnerability management, Security Tools health/Status Check, and coordination across engineering and security teams, ensuring that our security controls and scanning tools/processes are effective and reliable. The ideal candidate is detail-oriented, proactive, and able to collaborate across teams to drive remediation efforts and continuous improvement. This is an entry-level position in our security team, and we're willing to train the right candidate. Skills appropriate for this engineer are: Software development, including automated CI/CD pipelines Vulnerability management, specifically with software dependencies Penetration testing/vulnerability validation Incident response and troubleshooting ITSM and workflow The single most important attribute of this role is passion for information security with a goal to keep client data safe. This position has no direct reports. It is a remote position that may require occasional travel (1-2 times per year) and on-call support every 6-8 weeks. Ideal Candidate: IT infrastructure, application development, or security engineer with 3+ years of professional experience and experience or training in information security roles. About the Team The Risk and Security team is part of the Legal Department. The team reports to the SVP, Risk and Security who reports to the General Counsel. It consists of people with technical security skills and non-technical audit and compliance skills. PG Forsta’s security team is well-funded and supported by management. We have meaningful influence on how systems are designed and implemented. The department is structured to allow internal staff to leave work at work. While the job will require setting goals and meeting deadlines, it rarely requires more than 45 hours of work per week. Duties and Responsibilities Operational Execution Integrate and manage security tooling across the SDLC and CI/CD pipelines, including: Software Composition Analysis (SCA) Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Secrets detection, Infrastructure-as-code scanning, API security testing, and vulnerability correlation platforms Track vulnerability advisories and threat intelligence feeds; notify relevant stakeholders when new critical vulnerabilities or risks impact the organization. Manage vulnerability tracking and reporting across multiple scanning tools (DAST, SCA, ASPM, etc.), ensuring findings are logged, prioritized, and communicated to the right teams. Provide initial triage of vulnerabilities, work with senior resources in Application Security team to formulate appropriate practical guidance to development and infrastructure teams on severity, prioritization, and potential remediation paths. Champion container security by ensuring secure image creation, scanning, and runtime protections across platforms like Docker and Kubernetes. Partner with DevOps and Infrastructure teams to secure Azure cloud-native environments, including container orchestration and deployment layers. Drive adoption of secure coding practices, supported by threat modelling, code reviews, and developer training programs. Establish and track key metrics for AppSec maturity, coverage, risk reduction, and remediation SLAs. Cross-Functional Collaboration Liaise with Legal to define and communicate security controls required for regulatory compliance and contractual obligations. Partner with GRC and Client Response teams to prepare for audits, provide standardised answers to security questionnaires, and represent pipeline and platform controls to clients and external assessors. Engage with Pre-Sales Engineering, where required, to support security discussions with strategic prospects and customers. Create transparency and trust around security posture through consistent reporting, dashboards, and stakeholder communication. Continuous Improvement Identify gaps in security posture and propose enhancements to architecture, processes, and tooling. Qualifications Education/training: 4 year degree or equivalent experience (Preferred) Professional certification such as Security+ or A+ General knowledge of business theory, business processes, management, budgeting and business office operations. Experience 2+ years' experience in IT Operations, IT Security, or Application Development or similar technical role (Preferred) Experience in a healthcare environment. (Preferred) Project management experience preferred (Preferred) Incident response experience Required Skills Excellent interpersonal communication skills and the ability to clearly convey technical and non-technical information. Strong project management and coordination skills, with the ability to keep multiple teams aligned on security priorities. Familiarity with vulnerability management processes and tools (e.g., DAST, SCA, ASPM). Understanding of CI/CD pipelines and experience monitoring/debugging security jobs within them. A good understanding of Software Development Life Cycle. Detail-oriented mindset, with the ability to maintain accurate inventories and track multiple streams of security data. Ability to triage common vulnerabilities and communicate risk in a structured, actionable way. Nice to Have Hands-on experience with common security tools (e.g., Snyk, SonarQube, Checkmarx, Burp Suite, Tenable, Wiz, etc.). Exposure to DevSecOps practices and automated security testing. Experience with ticketing/project tracking systems (e.g., Jira, ServiceNow). A basic understanding of secure development practices and cloud infrastructure. Compliance & Ethics Expectations: Participates and successfully completes the company's compliance program requirements and adheres to the Code of Conduct, Company policies, and applicable federal and state requirements. Sets an example for other employees regarding how the Company's Code of Conduct and Compliance Program is applied and observed every day when dealing with customers, business operations, or other teammates. Reports potential violations of company policy, Code of Conduct, and/or applicable laws and regulations Promotes an environment in which other employees are encouraged to report potential violations. As appropriate, provides input and suggestions regarding areas in which policies, procedures, workflows, and/or controls can be improved to enhance compliance. Special Working Conditions This is a remote-working position. Week-long travel may be required 1-4 times per year. Special Physical Requirements The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Requires ability to get to all users' operations and computer facilities. Requires the ability to meet deadlines, frequent assignment changes, periodic heavy workload, rapidly changing environment, and dynamic business growth. Requires ability to concentrate on detailed tasks for sustained periods of time. Requires the ability to operate computer, printer, copy machine, calculator, other general office equipment, and to record written information. Requires the ability to communicate with customers, users and vendor representatives in person, in writing, and on the telephone. Requires the ability to read computer output and printed material. Requires the ability to read complex vendor reference material and written user manuals. Requires the ability to participate in interactive verbal group activities including brainstorming and application design working sessions. Requires the ability to travel occasionally, including domestic flights. Requires ability to withstand mental pressure caused by time deadlines, frequent changes, periodic heavy workload, rapidly changing environment and dynamic business growth. The expected base salary for this position ranges from $54,000 - $75,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered. In addition to base salary we offer a competitive benefits package Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At PG Forsta we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles. Additional Information for US based jobs: Press Ganey Associates LLC is an Equal Employment Opportunity/Affirmative Action employer and well committed to a diverse workforce. We do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, veteran status, and basis of disability or any other federal, state, or local protected class. Pay Transparency Non-Discrimination Notice – Press Ganey will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. All your information will be kept confidential according to EEO guidelines. Our privacy policy can be found here: https://www.pressganey.com/legal-privacy/ Company Description PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries—a status we earned over decades of deep partnership with clients to help them understand and meet the needs of their key stakeholders. Our earliest roots are in U.S. healthcare –perhaps the most complex of all industries. Today we serve clients around the globe in every industry to help them improve the Human Experiences at the heart of their business. We serve our clients through an unparalleled offering that combines technology, data, and expertise to enable them to pinpoint and prioritize opportunities, accelerate improvement efforts and build lifetime loyalty among their customers and employees. Like all great companies, our success is a function of our people and our culture. Our employees have world-class talent, a collaborative work ethic, and a passion for the work that have earned us trusted advisor status among the world’s most recognized brands. As a member of the team, you will help us create value for our clients, you will make us better through your contribution to the work and your voice in the process. Ours is a path of learning and continuous improvement; team efforts chart the course for corporate success. Our Mission: We empower organizations to deliver the best experiences. With industry expertise and technology, we turn data into insights that drive innovation and action. Our Values: To put Human Experience at the heart of organizations so every person can be seen and understood. Energize the customer relationship: Our clients are our partners. We make their goals our own, working side by side to turn challenges into solutions. Success starts with me: Personal ownership fuels collective success. We each play our part and empower our teammates to do the same. Commit to learning: Every win is a springboard. Every hurdle is a lesson. We use each experience as an opportunity to grow. Dare to innovate: We challenge the status quo with creativity and innovation as our true north. Better together: We check our egos at the door. We work together, so we win together. To work #bettertogether, we operate with a hybrid working mode in the United States (US). For those near a US hub location, we gather in our office locations three days a week (Tuesday, Wednesday, Thursday). For the remaining days, we work from home. Our current hub locations are in Chicago, IL, Boston, MA, and South Bend, IN. Not finding the right fit? Let us know you're interested in a future opportunity by clicking Get Started below or create an account by clicking 'Sign In' at the top of the page to set up email alerts as new job postings become available that meet your interest!