Security Engineer (Remote)
Palo Alto, CA, United States
Applications have closed
Company Description
Founded in 2013, Tidepool is a 501(c)3 nonprofit organization dedicated to making diabetes data more accessible, actionable, and meaningful for people with diabetes, their care teams, and researchers. Tidepool Loop is a project to build and support an FDA-regulated version of Loop, to be available in the iOS App Store, intended to work with commercially available insulin pumps and CGMs. Tidepool Loop is not currently available for use.
Job Description
Because of the nature and requirements of this role, we ask that all candidates are geographically located in the United States and authorized for employment.
Are you interested in working to secure apps and data that are already improving the lives of people with diabetes and want to help bring it to many more? As a Security Engineer, you will be responsible for helping Tidepool customers (internal and external) maintain the security of our platform and help drive innovation and performance within the company around DevSecOps practices.
Essential Duties and Responsibilities:
- Working with Tidepool Security Lead to establish and focus on high-risk priorities and operational needs.
- Collaborate with all areas of Tidepool to support and deliver a secure platform, and end-user experience and facilitate operational security needs.
- Assist in designing and implementing new and augmenting existing security controls.
- Work with all areas of Tidepool to ensure a HIPAA-compliant security environment.
- Assist in assessing and implementing new services and architectures.
- Participate in the Audit process - we are currently working on a SOC 2 Type 2, and intend to continue this audit and observability long term.
- Work to help identify and remediate vulnerabilities via automation, manual assessment, tools, and Tidepool’s bug bounty program.
Qualifications
The ideal candidate has:
- 2 or more years in an environment executing or supporting security functions
- CISSP, CCSP or similar certification.
- SANS certification (GCIH, GCIA, etc).
- Experience with IAM policies in one or more cloud service providers (AWS, Azure, GCP).
- Strong experience with one or more cloud-native services - Docker, Kubernetes, Go.
- Familiarity with security frameworks and guidance such as NIST, OWASP, CSA, ISO.
- Familiarity with network ports and services.
- Familiarity with TLS and SSL infrastructure and protocols.
- Experience with one or more scripting languages.
- Familiarity with logging services and assessing and alerting on logs, verifying and monitoring log sources status either via automation or manual audit.
- Familiarity with Operating System security on one or more platforms (Linux, MacOS, Windows).
- An eye for detail and a willingness to take extra care in developing controls and processes that respect internal and external customers’ privacy, usability, and security.
- Experience with automated testing, unified logging, and continuous integration tools.
Additional Information
Salary range: $83,500-$105,000. To learn more about Tidepool's compensation philosophy please see Tidepool's Employee Handbook.
Benefits include:
- Flexible PTO
- Paid parental leave
- Medical, Dental, and Vision coverage
- Health and Childcare FSA
- Flexible work schedule
- Wellness and Productivity stipend
- Continuing Education Reimbursement
Other Information:
While many of Tidepool’s team members have a personal connection to diabetes, this is not a requirement. We ask that you have empathy for chronic conditions and you are prepared to learn about the diabetes experience.
This is a remote position. You’ll be working from home and interacting with a team of colleagues that works around the world. Learn more about working at Tidepool, including our approach to inclusion and diversity in this blog post.
Tidepool is an Equal Opportunity Employer. The company supports diversity and inclusion in its core values and does not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual preference, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by U.S. federal or state law or local ordinance. When necessary, the company will reasonably accommodate employees and applicants with disabilities if the person is otherwise qualified to safely perform all of the essential functions of the position.
Tags: Automation AWS Azure C CCSP CISSP Cloud DevSecOps Docker GCIA GCIH GCP HIPAA IAM iOS Kubernetes Linux MacOS Monitoring NIST Nonprofit OWASP Privacy SANS Scripting SOC SOC 2 TLS Vulnerabilities Windows
Perks/benefits: Flex hours Flex vacation Health care Home office stipend Medical leave Parental leave Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs