Senior Cloud Security Engineer

Headspace and Ginger have recently merged to become Headspace Health! While roles are still being recruited separately on our respective websites, new hires from this point forward will be joining Headspace Health. For more information, please speak with your recruiter! 

About the Senior DevSecOps Engineer at Headspace Health:

The Senior Cloud Security Engineer will be a key member of the technical team responsible for worldwide cloud infrastructure security at Headspace Health. This individual will work closely with the agile engineering, product, operations, QA and IT teams, as well as internal and external auditors to promote development, operations and security best practices. The individual will review current cloud/application architecture designs to provide secure design recommendations, create secure infrastructure as code (e.g. terraform modules) and implement tooling that can be leveraged by engineering and operation teams.  They will be involved early in application planning phases, and as appropriate, will implement related security tooling that embodies a Shift Left mindset. This individual is also responsible for the enterprise security logging program and related initiatives, ensuring that systems/apps created by engineering teams are following logging best practices and properly forward/store logs for security monitoring.  This individual will use their industry experience to drive the resolution of complex security incidents, policy questions and technical security issues. 

Beyond the methodologies and tools, it is important for you to drive a culture of security and take initiative. You will work with a diverse team of talented leaders and contributors who all are working collaboratively to realize our vision of improving the health and happiness of the world.

How your skills and passion will come to life at Headspace Health:

• Interact closely with other cyber security architects, privacy officer, engineering, and product management teams to ensure adequate security capabilities and controls are in place within the technology stack to mitigate security risks and meet the highest security and compliance requirements
• Review current cloud/application designs to recommend and create secure Infrastructure as Code, as well as implement tooling to be leveraged by engineering teams, fostering a shift left mindset
• Lead threat modeling / security reviews with engineering teams, provide subject matter expertise in resolving complex security problems
• Identify opportunities for automation (e.g. pipeline security), partnering with Application Security engineers on initiatives including static and dynamic application scanning in the CI/CD pipeline
• Maintain and improve the enterprise security logging program and related initiatives, ensuring that systems/apps follow logging best practices and properly forward/store logs for security monitoring
• Work closely with the engineering, application security, and GRC teams for timely mitigation of security findings from scanning activities and penetration tests
• Act as a key member for incident investigation activities
• Continuously research, design, advocate and recommend new security technologies, architectures, and products that will ensure compliance requirements are met and risk is appropriately mitigated
• Develop the ability to effectively navigate a highly complex environment to independently retrieve technical evidence for gaining assurance over effectiveness of controls

What you’ve accomplished:

• 5+ years of relevant experience in cloud security architecture / cloud security and in-depth knowledge of security protocols/tools/automation in a regulated industry such as healthcare, banking or financial services
• 3+ years of hands-on experience writing (not just reviewing) Infrastructure as Code. Terraform is a plus.
• Good knowledge of AWS infrastructure, Load balancers, VPC configuration, Storage, IAM, Serverless infrastructure such as AWS Lambda, API Gateway, etc
• Good knowledge of security logging architectures and storage in cloud environments
• Demonstrated understanding of agile secure software development lifecycle and ability to distinguish the core inputs and outputs in each cycle
• Experience in scripting Python, Javascript, and/or Shell programming
• Attention to detail and a thorough approach to problem-solving
• Ability to efficiently handle ambiguity and appropriately prioritize competing projects
• Good to have: Familiarity with one or more industry security compliance frameworks and/or regulations such as ISO 27001/2, PCI-DSS, HIPAA, FedRAMP, CIS, HITRUST, SOC 2, NIST 800-53, etc.
• Good to have: Certifications from organizations such as AWS/Hashicorp (e.g. AWS Solutions Architect, AWS SysOps Administrator)

Pay & Benefits:

The base salary range for this role is determined by a number of factors, including but not limited to skills and scope required, relevant licensure and certifications, and unique relevant experience and job-related skills. The base salary range for this role is $104,981-$157,476.

At Headspace Health, cash salary is but one component of our Total Rewards package. We’re proud of our robust package inclusive of: base salary, stock awards, comprehensive healthcare coverage, monthly wellness stipend, retirement savings match, lifetime Headspace membership, unlimited, free mental health coaching, generous parental leave, and much more. Paid performance incentives are also included for those in eligible roles. Additional details about our Total Rewards package will be provided during the recruitment process.

How to get started:
If you’re excited by the idea of seeing yourself in this role at Headspace Health, please apply with your resume and a cover letter that best expresses your interest and unique qualifications.

How we feel about Diversity & Inclusion:

Headspace Health is committed to bringing together humans from different backgrounds and perspectives, providing employees with a safe and welcoming work environment free of discrimination and harassment. We strive to create a diverse & inclusive environment where everyone can thrive, feel a sense of belonging, and do impactful work together. 

As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our workplace. 

*Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Headspace Health. Please inform our Talent team by filling out this form if you need any assistance completing any forms or to otherwise participate in the application or interview process.

#LI-JT1