Security Engineer

Woebot Health has physical offices in San Francisco, Boston and Dublin, Ireland. If you’re not currently based in one of our beautiful flagship cities, please inquire whether your position can be fully remote

Our vision is to make mental health radically accessible.

We are a team of innovators, experts and business builders who have come together to develop advanced technologies that can transform healthcare. 

We’re focused on addressing the vast, unmet need for improved engagement and outcomes in mental health with Woebot, a digital coach that helps people engage more deeply and continuously in their mental health. Woebot's breakthrough is its ability to form a human-level bond with people using the latest in NLP, ML and other advanced technologies. Leveraging this therapeutic bond, and the expertise of our Stanford-trained clinicians and scientists, Woebot is constantly learning from the experience of more than one million people and hundreds of millions of messages exchanged to deliver high quality CBT-based therapeutic tools that are psychologically related and responsive to a person’s dynamic state of health.

Our work to advance human-centered technology has attracted a lot of attention. Today we’ve amassed more mentions in the scientific literature than any other digital therapeutic company, and are regularly featured as the architects of a radically new approach to mental health. But we’ve only just begun. With the backing of some of the world’s most forward thinking investors and a new round of funding complete, we’re poised to redefine how people access mental health care. 

Are you ready to create a new future for mental health, for everyone? Let's do it together!

How You’ll Thrive

Within 1 Month You Will:

• Learn the major components of our architecture and cloud infrastructure, while conducting a review of its security and documenting any vulnerabilities you find along the way
• Create a plan to address documented vulnerabilities
• Transition responsibility of monitoring and response for security events, as well as risk assessments for current and potential suppliers
• Build relationships with IT, Engineering, Quality, Product, Data, and Design

Within Your First 3 Months You Will:

• Perform a security technology review
• Assist in compliance audits with security leadership and track remediation to findings
• Implement vulnerability identification and work with appropriate teams for remediation plan
• Work with a supplier to have a security assessment performed
• Transition responsibility of security reviews, exception management, and administration, configuration, and troubleshooting of security technologies
• Assist security leadership in SOC2 and track remediation of findings

Within Your First 6 Months You Will: 

• Review and make agreed upon improvements to security technologies and configuration
• Provide metrics such as security event and response, provide vulnerability and remediation metrics, provide change management metrics
• Provide security roadmap

Within Your First 12 Months You Will:

• Implement improvements to security technologies and configurations
• Assist security leadership with business alignment to additional accreditations, such as ISO27001 and HITRUST

Key Responsibilities

You Will Own

• Vulnerability Management, implementing vulnerability identification, such as known vulnerabilities, code weaknesses, incorrect or insecure configuration, insecure architecture, and exception management
• Security Assessment Management, such as threat modeling, risk assessments, and penetration testing 
• Tracking plans and remediation to security findings
• Incident Response, monitoring and responding to security events, such as log management, monitoring, alerting, responding, containment, and remediation
• Provide metrics such as security event and response, vulnerability and remediation metrics, exception, and change management metrics
• Security technologies engineering, such as administration, configuration, usage, improvement, and troubleshooting of security technologies

You Will Assist With

• Appropriate teams, for remediation plan to security findings, including Vulnerability Management
• Security leadership, supporting security leadership with internal and external audits, governance and compliance initiatives. Partnering with them efforts to ensure Woebot Health and Woebot is secure.
• Engineering, Product, Data, and Design, working with appropriate teams for security compliance and implementation within our product
• Quality and Regulatory, to ensure quality and security alignment in regulated products
• IT and Administration, working with appropriate teams for security compliance and implementation within our business environment

This Might Be Your Next Career Move IF: 

• You are passionate about building and improving security programs
• You thrive in an environment where your opinion is respected and encouraged
• You care about helping make quality mental health care realistically accessible to millions of people nationwide

Role Specific Competencies

• Required
  • +2 years Incident Response & Vulnerability Management
  • +2 years administrating, configuring, using, improving, and troubleshooting security technologies
  • +2 years in a regulated environment, adhering to preferably at minimum HIPAA and GDPR
  • Experience working with cloud platforms such as AWS, Azure, or GCP
  • Familiarity with OWASP and MITRE

• Preferred
  • Medical Device experience
  • Exception Management experience
  • Threat Modeling and Security Assessments experience
  • Security Framework audit experience

Our Core Values:

• Empathic: You’re a compassionate person and a team player motivated to understand others and help them be successful, too. You care as deeply for your colleagues as you do for our mission and our users.
• Self-aware: You possess a high level of emotional intelligence, which allows you to understand yourself and others, and to have a healthy emotional life in the workplace.
• Proactive & flexible:You are able to hit the ground running, you take responsibility for finding a way to get the job done. You learn as quickly as possible and sometimes do things outside the immediate scope of your work, giving it all you’ve got.
• Strong work-ethic: You’ve mastered healthy habits in your life that allow you to do great things. You exemplify dedication and commitment to coming up with very good results in your work and inspire others to do the same.
• Growth mindset: You believe abilities – like intelligence and talent – can be developed through dedication and hard work. You see failure as an opportunity to grow and welcome feedback as a pathway to your continued success.
• Humble: You recognize that you are one among many, and you hold a genuine desire to discover what other people can offer. You are intrigued by how others think, and how others feel differently from you. You lean into these moments with patience and  curiosity.

 Benefits 

• Competitive Salary
• Stock Options 
• Flexible PTO
• Health, Dental & Vision
• Healthy Snacks & Meals

Woebot is an equal opportunity employer and we deeply value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.