Lead Security Engineer (Remote)

Included Health is looking for a Lead Security Engineer to expand our team! In this role, you will be helping Included Health change the standard of security in healthcare, and help us build our Product Security team. You will be working with developers, engineers, data scientists, and other professionals to ensure our platform, application, and member experience are secure.

Responsibilities:

• Security engineering and architecture background for both corporate and cloud infrastructure. You will have made design choices and implemented security capabilities for Network Design (IDS/IPS), Secure Access (IAM) and Security Monitoring amongst others, for a variety of Operating Systems and different environments.
• Security engineering background for both corporate and cloud infrastructure. You will have made design choices and implemented security capabilities for EDR, AV, Vulnerability Management, and others for a variety of Operating Systems and different environments.
• Cloud security, and cloud native security capabilities. You will be working closely with the Platform Engineering team to incorporate security best practices into our cloud infrastructure.
• Experience with infrastructure as code. You will be working with our Platform Engineering team to harden and secure our infrastructure as code repositories and ensure security best practices are followed.
• Implement best-practice security procedures, standards, and guidelines in the application space.
• Assist in compliance activities such as external audits from customers, regulatory compliance projects, and overall information security reviews.
• Team player, influencer, mentor, and growth mindset to help drive out of the box solutions.
• Excellent communication skills to clearly communicate security recommendations, decisions, and to build and maintain security relationships across the enterprise.
• Salesforce experience preferred

Qualifications:

• Bachelor’s Degree in Computer Science or a related field and 6 years experience in Information Security.
• CISSP, CCSK, CCSP certifications.
• Experience working with common security vendors for EDR and AV such as Carbon Black/CyberReason/Symantec.
• Code comprehension in at least two languages (Java, Python, Ruby, C++ etc.).
• Experience working with industry standard DLP and Insider Threat solutions, both at an endpoint and network level.
• Discussion and collaboration mindset. Engaging in healthy, constructive debates is key to our teams to innovate and plan for the future, of which Information Security plays a key role.
• Experience in implementing controls and supporting audit or evidence requests for information security compliance programs including PCI, ISO 27001, HITRUST, and SOC 2.
• Previous experience working in a startup environment and/or in Healthcare.
• Bachelor’s OR Master’s degree in Computer Science/Engineering/Information Security or equivalent work experience.
• Demonstrated experience and expertise with : Identifying and resolving OWASP Top 10 vulnerabilities | Threat modeling in an Agile environment. |Security Verification Standards. | Authentication and authorization schemes.

About Included Health
Included Health is a new kind of healthcare company, delivering integrated virtual care and navigation. We’re on a mission to raise the standard of healthcare for everyone. We break down barriers to provide high-quality care for every person in every community — no matter where they are in their health journey or what type of care they need, from acute to chronic, behavioral to physical. We offer our members care guidance, advocacy, and access to personalized virtual and in-person care for everyday and urgent care, primary care, behavioral health, and specialty care. It’s all included. Learn more at includedhealth.com.
-----Included Health is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics or any other basis forbidden under federal, state, or local law. Included Health considers all qualified applicants in accordance with the San Francisco Fair Chance Ordinance.