Remote - United States
Quartet is a pioneering healthcare technology company striving to improve the lives of people with mental health conditions. We connect people to a personalized care team to get them the right care at the right time. Our collaborative technology platform and range of services brings together physicians, mental health providers, and insurance companies to effectively improve patient outcomes and drive down healthcare costs. Backed by $153MM in venture funding from top investors like Oak HC/FT, GV (formerly Google Ventures), F-Prime Capital Partners, Polaris Partners and Centene Corporation, Quartet is headquartered in NYC and is currently operating in several markets across the United States — Pennsylvania, Washington, Northern California, New Jersey, North Carolina, Louisiana, and Illinois.
About the team & Opportunity: You will be part of our growing security team at Quartet Health. You will be tasked with the build-out of Quartet's security infrastructure, with a focus on automation, and eventually your focus will shift to day-to-day operations and break/fix.
- Design, test, and deploy various security solutions for Quartet’s internal and external systems
- Implement effective methods in anomaly-based attack detection / prevention and attack surface reduction
- Automate the static code analysis (SCA) process to detect security vulnerabilities before code is deployed
- Promote secure coding practices within the application development teams
- Work on improvement of existing tools and development of new tools
Qualifications - Minimum
- You are adept at using scripting languages to automate tasks (Python, AWK, Nodejs)
- You understand modern web application architecture (MVC using React / Angular) and how to secure it (OWASP)
- Have a solid understanding of common networking protocols and operations engineering (specifically MacOS and popular Linux variants)
Qualifications - Preferred
- Familiarity with Open Source security tools (e.g. ELK stack) and common network services (LDAP, DNS, NTP, etc.)
- Familiarity with the following security domains: Incident Management/Forensics (primarily MacOS and Linux Ubuntu); Vulnerability Management (Tenable, Amazon Web-Services integrations); Application Security:Web-app security scanners (Burp Suite, Netsparker), Auditing code for vulnerabilities; Compliance (HIPAA, NIST 800-171, HITRUST)
- Knowledge of security standards, principles, techniques, and technologies (OWASP, ISO27001, NIST 800-53, Common Criteria TSPs etc.)
Employee Benefits for Quartet include: Unlimited vacation, volunteer opportunities, team events, mental healthcare coverage of 15 free therapy sessions + unlimited copay reimbursements, medical, dental + vision coverage, generous parental and military leave, commuter benefits, 401K, and stock option grants.
Want to know what Quartet life is like? Click here to meet our team.
Quartet is committed to building a diverse team and fostering an inclusive culture, and is proud to be an equal opportunity employer. We embrace and encourage our employees' differences in race, religion, color, national origin, gender, family status, sexual orientation, gender identity, gender expression, age, veteran status, disability, pregnancy, medical conditions, and other characteristics. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Quartet does not accept unsolicited headhunter and agency resumes. Quartet will not pay fees to any third-party agency or company that does not have a signed agreement with Quartet.
Please note: Quartet interview requests and job offers only originate from quartethealth.com email addresses (e.g. firstname.lastname@example.org). Quartet will also never ask for bank information (e.g. account and routing number), social security numbers, passwords, or other sensitive information to be delivered via email. If you receive a scam email or wish to report a security issue involving Quartet, please notify us at: email@example.com
Have someone to refer? Email firstname.lastname@example.org to submit their details to us.