IT Security Specialist (Remote)

Washington, DC

Applications have closed
At Kit Check, our mission is to create groundbreaking medication intelligence solutions that increase efficiency, safety and visibility for health systems and pharmaceutical manufacturers.  We empower stakeholders to deliver the right medicine to the right patient at the right time, every time.  We are a venture-backed, high growth healthcare technology company with a start-up 'vibe' and over 800 customers tracking medications using our proven solutions.
Kit Check is looking for a talented and experienced Security and Compliance Engineer to join our team. As a member of the team, you can expect to work in a highly visible, cross-functional role. As an engineer on this team, you’ll play an advisory role across the whole company, and you’ll help all Kit Check engineers build secure-by-default systems and triage and mend vulnerabilities on their systems.
The Platform, Data, and Security Engineering team is responsible for building scanning and threat detection systems to monitor Kit Check’s cloud deployment (AWS-native) and other digital assets. They train all Kit Check employees on security best practices, conduct risk assessments of new vendor integrations and product launches, and develop internal protocols, processes, and relationships to ensure customer assurance and trust. Lastly, they build and maintain core standards around security, availability, and confidentiality — reflected in our compliance certifications — and the automation to monitor and enforce these standards across Kit Check. 
We’re excited to share our passion for scalable, engineering-driven security with you, and for your perspective to help shape our team’s goals. You will be responsible for contributing to, operating, and improving all things related to our security and compliance requirements for SOC2, HIPAA, and CGMP.

What You'll Get From Us:

  • Opportunities to solve problems of scale, debt and security to redefine what’s possible in Medication Intelligence
  • Strong voice in what we work on, how it works, and how it is built
  • Room to be creative and choose your own path
  • Trust in your sense of ownership
  • Coworkers who you'll learn from, who will push you and who are looking to learn from you

This Role Can Expect To:

  • Assist with responses to customer questions, questionnaires, and contract issues regarding compliance and security.
  • Conduct reviews, train employees and advise on matters related to security and compliance across Kit Check
  • Partner with Kit Check engineering teams to understand and resolve security incidents that arise on their services
  • Promote a culture of operational excellence by meticulously testing and monitoring our team’s systems and code, and being on-call to support the health of our services
  • Uphold a culture of collaboration, transparency, creativity, inclusion, and data-driven decisions

Important Skills and Traits:

  • Experience developing, implementing, and monitoring internal practices for SOC2, HIPAA or ISO information security compliance standards
  • Ability to persuasively represent Kit Check’s security posture and the maturity of our operations to customers
  • Proven ability to design and develop low-friction, innovative, and reliable services that integrate security into the fabric of a cloud-based product
  • Clear and persuasive communication of complex and critical information to a broad audience
  • Subject matter expertise in security best practices and the ability to quickly make correct risk assessments that prioritize the overall benefit to the company
  • Track record of building self-service and high-quality tools with a customer-driven mindset
  • A desire to share your expertise through documentation, mentorship, and both written and vocal discussion
  • A personal drive to expand your comfort zone by exploring new and/or unfamiliar tasks and domains
  • A desire to work with individuals with diverse backgrounds, perspectives, and experiences
  • Autonomy and proactivity around driving work to completion in the face of ambiguity
  • Strong proficiency in a programming language, testing practices, and thorough documentation
  • 1+ years of experience in product or infrastructure security-related software engineering roles

What Can Set You Apart:

  • Experience with our tech stack: Docker, AWS (CloudFormation, IAM, ECS, Lambda, RDS, and more) is a plus
  • Experience with software and/or hardware products in an FDA CGMP regulated environment
  • Any code, writing or projects that are public or shareable demonstrating your experience, understanding or approach to security and compliance

This position is a remote position and open to applicants in the continental United States.

Why Kit Check?

Kit Check’s culture is built on innovation and teamwork. There’s room to grow and opportunities to take initiative. You will partner with sharp, motivated teammates looking to disrupt a massive industry—and have fun doing it. We truly believe that where you work and what you do matters. Join us as we revolutionize the hospital pharmacy landscape!

  • Competitive salary
  • Time off when you need it – unlimited vacation days!
  • Generous insurance coverage
  • 401k program with a company match
  • Employee stock options
  • Fun, collaborative culture!

EOE AA M/F/VET/Disability
All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, religion, color, national origin, sex, protected veteran status, disability, or any other basis protected by federal, state or local laws.

Tags: Automation AWS Cloud Compliance Docker HIPAA IAM Lambda Monitoring SOC 2 Threat detection Vulnerabilities

Perks/benefits: 401(k) matching Career development Competitive pay Equity Flex vacation Insurance Startup environment Transparency Unlimited paid time off

Regions: Remote/Anywhere North America
Country: United States