Security Engineer

New York City or Remote

Applications have closed

Galileo, Inc.

Galileo: Our dedicated clinicians are on call 24/7 to provide full-spectrum medical care, from urgent to chronic, across digital and in-person settings.

View company page

ABOUT US

Traditional health care is broken. Galileo is here to fix it. We’re a rapidly growing health startup that combines intuitive design and clinical expertise to deliver affordable, quality care for all.

 

Galileans, as we like to call ourselves, are dedicated to flipping the traditional healthcare model into a modern solution for today—and beyond. Our empathetic, mission-driven culture puts our patients first, celebrates creative problem-solving, and moves quickly to build great products. Our teams work collaboratively, so there’s plenty of day-to-day interaction. We believe in a hybrid, flexible working environment and have team members across the U.S. and Europe.

 

ABOUT THE ROLE

The Security & Compliance team safeguards the confidentiality, integrity, and availability of systems and data assets by providing proactive security expertise. We create and maintain a resilient and secure infrastructure and foster a culture of security awareness and compliance throughout the organization.

 

In close collaboration with our Engineering team, Galileo’s Security Engineers will help safely accelerate our pace of development while implementing tooling to protect our customers' data (PHI). As a Security Engineer, you'll have an opportunity to implement new technologies in the cloud, giving our team better access to analyze metrics and prevent incidents. 

Here’s what you’ll do:

 

  • Offensive Security and red team related activities
  • Red vs. Blue/ Purple team activities
  • Infrastructure testing and validation
  • AWS Firewall and Network configuration
  • Security considerations in Application development
  • Validate and verify Secure Data Transfer with 3rd parties
  • Code scanning and remediation of vulnerabilities
  • Remediation of VAS findings
  • Security-related initiatives
  • Monitoring for security events
  • User / Role management
  • Incident response and investigation
  • Support SOC2 and HITRUST audit tasks

 

ABOUT YOU

You have experience implementing monitoring tools up and down the stack, from the cloud infrastructure level (AWS) to the application level (Docker). You understand why feature flagging is important to a deployment process. You constantly look for ways to speed up code delivery safely and reliably. You understand why practicing disaster recovery is important, and you enjoy making disaster recovery exercises redundant. You believe in the “bus factor” as a way of measuring risk. You thrive in a collaborative environment where responsibility and ownership are shared.

We would love to hear from you if you have the following or equivalent experience:

  • AWS (HIPAA Compliant Services, ECS Fargate, Aurora, SAM, CodePipeline, CodeBuild, ...)
  • CloudFormation / Terraform / Infrastructure-as-Code Tooling
  • Logging Tooling (Sumo Logic / Elasticsearch / Kibana / Splunk)
  • Monitoring Tooling (CloudWatch / SignalFX / DataDog / Grafana)
  • MySQL / Postgres
  • Python
  • Docker
  • Google SAML

Nice to haves but not necessary:

  • Offensive Security related and security-related certifications. CEH, CISSP, OSCP, OSWE, OSCE(3), SANS-related certificates, etc.
  • HITRUST certification
  • AWS SAA, SAD, associate or professional certification

 

Compensation range:

$135,000 - $197,000 based upon prior experience, performance, and market dynamics

 

Benefits:

  • Medical / Dental / Vision Insurance
  • Flexible Spending Account
  • Health Savings Account + match
  • Company paid STD/LTD, AD&D, and Life Insurance
  • Paid Family Leave
  • 401k + match
  • Paid Time Off

 

 

HOW WE HIRE

Galileo is committed to hiring the best team possible to build health care that works for everyone. We value a diverse set of perspectives to deliver the best possible solutions to those problems. We look for talent from a wide range of backgrounds—including, but not limited to—race, age, sexual orientation, gender identity, and expression, national origin, religion, disability, and veteran status. Galileo is an Equal Opportunity Employer and provides reasonable accommodations to applicants and employees with a qualifying disability or conflict with a sincerely held religious belief unless doing so would cause an undue hardship or fail to eliminate a direct threat.

#LI-Remote

Tags: AWS CEH CISSP Cloud Compliance Docker Elasticsearch Firewalls Grafana HIPAA HITRUST Incident response Monitoring MySQL Offensive security OSCE OSCP OSWE PostgreSQL Python Red team SAML SANS SOC 2 Splunk Terraform Vulnerabilities

Perks/benefits: 401(k) matching Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Startup environment Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  46  8  1

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.