Security Engineer, Detection & Incident Response
New York, New York, United States
Applications have closed
Oscar
Oscar offers health insurance plans for individuals and families, and small businesses. Find a plan that's right for you.Hi, we're Oscar. We’re hiring a Security Engineer, Detection & Incident Response to join our Security team in our New York office.
Oscar is a technology-driven, consumer-focused health insurance startup founded in 2012 and headquartered in New York City. Our goal is to make health insurance simple, transparent, and human. We need your help to do so.
About the role:
Taking care of our members includes securing their data. The mission of the Security team is to protect the data our customers have entrusted to us, and make it possible for Oscar management to make informed, risk-calibrated decisions.
In this role, you will support the information security incident response efforts by collecting and analyzing evidence and providing reports of identified threats, as well as search for insider threats. You will work with other Security team members and partner cross-functionally with Engineering, IT, and SRE to to help prioritize and close control gaps and reduce enterprise risk.
You will report into the Director of Detection & Response.
Responsibilities:
- Respond to and direct actions around data security incidents and coordinate between the information security, product, legal, privacy, compliance and engineering teams if necessary
- Document incidents and events and track action items following post mortem
- Design and conduct tabletop exercises to assure organizational readiness
- Establish processes and build ‘playbooks’ around operational responses to incidents
- Perform forensic processes including chain of custody, computer acquisition techniques, and memory acquisition techniques
- Support the overall improvement of the security process and documentation
Requirements:
- Have 4+ years of career experience related to Digital Forensics and Incident Response
- Proficiency in at least 1 programming or scripting language (preference to Python or Go)
- Knowledge of network and web related protocols (e.g. TCP/IP, UDP/IP, IPSEC, HTTP/HTTPS)
- Have previously applied your skills in reverse engineering, computer forensics, ethical hacking, and threat hunting to solve problems in a technology-first environment
- Previous experience in particular OS environments (Mac, Chromebook, and Linux) as well as cloud environments (AWS and GCP)
- Able to analyze system and network logs to piece together what happened
- In-depth technical understanding that enables you to assess security risks in a technology-heavy company
- Can fluently communicate security risks to both technical and non-technical audiences
- Have a basic understanding of privacy regulation and best practices such as:
- CCPA
- NIST Standard for security incidents
Life at Oscar:
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves and find both belonging and support. We're on a mission to change health care -- an experience made whole by our unique backgrounds and perspectives.
We encourage our members to care for their whole selves, and we encourage our employees to do the same with comprehensive medical benefits, generous paid-time off, paid parental leave, retirement plans, company social events, stocked kitchens, wellness programs, and volunteer opportunities.
Reasonable Accommodation:
Oscar applicants are considered solely based on their qualifications, without regard to applicant’s disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (accommodations@hioscar.com) to make the need for an accommodation known.
Pay Transparency Policy:
Oscar ensures that you won't be discharged or discriminated against based on whether you've inquired about, discussed, or disclosed your pay. Read the full policy here.
Tags: AWS CCPA Cloud Compliance Ethical hacking Forensics GCP Incident response Linux NIST Privacy Python Reverse engineering Scripting TCP/IP
Perks/benefits: Health care Insurance Medical leave Parental leave Startup environment Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open IPS-related jobs
- Open CEH-related jobs