Cyber Defense Lead (Remote)

United States

Full Time Senior-level / Expert USD 136K - 240K
Hinge Health logo

Hinge Health

The only solution that meets members where they are at every stage of the musculoskeletal care continuum: prevention, acute, chronic, and pre/post-surgery.
Apply now Apply later

We want to make you aware that there continues to be a significant increase in phishing attempts across all industries where fraudsters are impersonating real HR employees and sending fictitious job offers to applications in a scheme to obtain sensitive information.
Please note that we will never ask for your financial information at any part of the interview process including the post-offer stage, and will only correspond through @hingehealth.com domain email addresses.
If you encounter any suspicious activity, we recommend you cease all communication with the individual and consider reporting them to the US FBI Internet Crime Complaint Center.
If you would like to verify the legitimacy of an email you received from our recruiting team, please forward it to security@hingehealth.com.
________________________
Summary of the role: We are seeking a Cybersecurity Defense Lead to help implement, operationalize and strengthen the security operations program at Hinge Health. This person will be a critical thinker with proven hands-on experience implementing enterprise security functions and controls including but not limited to security architecture, threat and vulnerability management, incident response/investigations, digital forensics, disaster recovery and business continuity, and regulatory compliance. The Cyber Defense lead will enable the business to reach the desired outcomes by providing the tools they need, reducing cost and security friction and creating business opportunities while ensuring the utmost security standards to protect Hinge Health data and digital systems. This position is hands-on with the ability to contribute strategically to the overall security operations program. 
Description of an ideal candidate: The ideal candidate is a highly motivated individual with strong experience securing cloud infrastructures from the ground up. He/She/They has been a key partner in maintaining awareness of new security and threat mitigation trends and has served as security champion to a broad audience regarding the architecture, availability, resiliency, and access security concerns. We are looking for an individual with a very strong Cloud Security technical background who can also shape the future of the security operations program at Hinge Health.
Hinge Health is building the world’s most patient-centered Digital Musculoskeletal (MSK) Clinic™. It is now the leading Digital MSK Clinic, used by four in five employers and 90% of health plans with a digital MSK solution. Hinge Health reduces MSK pain, surgeries, and opioid use by pairing advanced wearable sensors and computer vision technology with a comprehensive clinical care team of physical therapists, physicians, and board-certified health coaches. 
Hinge Health’s HingeConnect integrates with 750,000+ in-person providers and enables real-time interventions for elective MSK surgeries, driving proven medical claims reduction. Available to millions of members, Hinge Health is widely trusted by leading organizations, including Land O’Lakes, L.L. Bean, Salesforce, Self-Insured Schools of California, Southern Company, State of New Jersey, US Foods, and Verizon. 
To Learn more  about our company & culture please visit: http://www.hingehealth.com & https://www.hingehealth.com/diversity-equity-and-inclusion/

WHAT YOU’LL ACCOMPLISH

  • Develop and drive cybersecurity initiatives related to incident response, threat intelligence, vulnerability management, monitoring and reporting tools – to continuously improve and expand capabilities
  • Design, recommend, drive implementation, and maintain procedures and controls necessary to ensure and protect the safety and security of all information system assets within the organization, including prevention of intentional or inadvertent access, modification, disclosure, or destruction of critical data
  • Develop and maintain effective relationships with IT and product teams throughout the company to coordinate efforts to protect critical systems and process
  • Actively participate in the design and implementation of applications, services, and infrastructure to ensure security and privacy design principles are being followed 
  • Ensure Security Operations tools are effectively utilized and operating, identify gaps in process or procedure and implement new solutions accordingly
  • Participate in security incidents/event investigations to drive containment and remediation to keep Hinge Health secure 
  • Stay abreast of industry trends and changing threat landscape and review technologies and services and make recommendations to continuously improve our capabilities
  • Monitor key performance indicator (KPI) metrics, track, and report performance; provide reporting to senior management on performance
  • Ensure seamless coverage of Hinge Health’s critical assets, data, application, informational property, networks, servers, and endpoints

WHAT WE’RE LOOKING FOR

  • Bachelor’s degree in Computer Science, Computer Engineering, Cyber Security, or equivalent experience
  • 7+ years of hands-on experience working on a security team supporting product/engineering functions, cloud infrastructure, and corporate infrastructure development
  • Have experience in AWS specifically with one or more of the following AWS Services: GuardDuty, SecurityHub, Config, WAF, Shield, Macie, CloudTrail, CloudWatch
  • Have in-depth knowledge of security threats, penetration testing and risk assessments
  • Proficient in Security Engineering, Planning and Monitoring
  • Extensive knowledge of Cloud Security architecture including networking appliances such as Web Application Firewalls, IDS/IPS
  • Hands-on experience resolving incidents through crisis management
  • 5+ years of experience leading technical strategies and roadmaps 
  • 3+ years of experience working on Cloud technologies (AWS, Azure, GCP, etc.) 
  • Excellent technical and non-technical written and communications skills  

BONUS POINTS


  • Proven experience with Endpoint Detection and Response Solutions (CrowdStrike, Sentinel One) 
  • Knowledge of Kubernetes or container technologies

WHAT SHAPES OUR COMPANY

  • Put members first: Our primary focus is on the member, then the customer, and lastly the business. The order matters.
  • Trust: We are honest, transparent, and honor our commitments.
  • Learn-it-all: We're always willing to learn, we’re not know-it-alls. We prioritize truth over being right, welcome contrary opinions, and continue to challenge ourselves to get better every day.
  • Effective communication: Information is the lifeblood of any company. We always think about how we can ensure optimal information-flow and decision-making.
  • Innovate & take risks: We think big and we are willing to challenge the status quo.
  • Think long-term: We don’t sacrifice long-term value for short-term results.
  • Make results happen: We measure ourselves by results and impact.
  • Lead at all levels: We are empowered to take responsibility regardless of title and tenure.
  • Act like owners: We have high standards and properly allocate resources in the company's best interest.

WHAT YOU’LL LOVE ABOUT US

  • Competitive compensation with meaningful equity
  • Medical, Dental, Vision, Disability and Life Insurance (We cover 100% of your premium and 75% for your dependents) 
  • Flexible PTO
  • FSA/HSA accounts
  • Family & fertility benefit through Maven Clinic
  • 401K match 
  • 3 months paid parental leave
  • Professional Development budget 
  • Quarterly lifestyle benefit to use towards WFH equipment & fitness
  • Generous mental health stipend
  • Work from home policy
  • Opportunity to join a fantastically talented, diverse, and passionate team at a pivotal time in the company’s lifecycle
#LI-KC1
Pursuant to State Fair Pay Act, below is a summary of compensation elements for this role at the company if based in the following locations:
Colorado & New York State annual salary: $136,000 - $204,000New York City annual salary: $160,000 - $240,000
If you're interested - we'd love to hear from you. No recruiters, please.
Hinge Health is proud to be an Equal Employment Opportunity employer.We make employment decisions without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability status, pregnancy, or any other basis protected by federal, state or local law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Hinge Health is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you feel you need assistance or an accommodation due to a disability, please let us know by reaching out to your Recruiter and we'll work with our accommodations team to evaluate your request.
We celebrate diversity and are committed to creating an inclusive environment for all employees.


Job regions: Remote/Anywhere North America
Job country: United States
Job stats:  11  2  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.