Security Engineer

Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology. At Redox, security comes first as patients depend on our systems to be secure, available and reliable. The security team partners with every team in our business to make that happen. 
We’re looking for a person who will join our security engineering team, responsible for the security of our technical systems at Redox. In this role, you will help set the direction and implement our technical security processes, tools, and capabilities. Redox is an engineering-first company, building the future of healthcare information exchange, the platform to help power healthcare companies and applications to work together! 

What You Will Do:

• Be an active voice in our small, focused security team as an engineer responsible for the security of our technical systems.
• Empower Redox to reduce avoidable security vulnerabilities and misconfigurations in our applications and cloud environments.
• Define the secure baseline and secure configuration required for production systems and applications at Redox.
• Build scalable systems which enforce and monitor compliance with your secure baseline, rectify issues automatically and alert on problematic systems.
• Approach securing our company pragmatically, empathizing with engineers, developers and security champions to understand their needs.
• Perform risk assessments, threat models and code reviews for our application.
• Communicate issues and progress on complex problems in terms easily understood by stakeholders. 
• Support and build valuable training activities that uplift developer awareness of secure coding and configuration practices.
• Build and maintain tools that detect potential security issues.
• Maximize security impact and reduce risk while minimizing the negative impact on our businesses and developer velocity.

Your Skills and Experience:

• Knowledge of current security threats, risks, vulnerabilities and misconfigurations, how to detect them, how to prevent them and how to create awareness of them. 
• Proficiency and hands-on experience using tools to which can detect security vulnerabilities, both statically and dynamically.
• Experience securing applications in cloud environments.
• Ability to communicate complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.
• Experience running threat modeling sessions with engineering teams.
• Ability to distil complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders. 
• Experience securing Linux/Ubuntu, Docker, Kubernetes.
• Development experience sufficient to automate repetitive tasks and scale your impact. 

Bonus Skills and Experience:

• Experience securing Javascript, NodeJS and Typescript applications.
• Experience with containerized and application mesh architectures.
• Knowledge of the OSI Security model and how it applies when securing networks and hosts.

Please keep reading...Research shows that while men apply to jobs when they meet an average of 60% of the criteria, women and other marginalized folks tend to only apply when they check every box. So if you think you have what it takes, but don't necessarily meet every single point on the job description, please still get in touch. We'd love to have a chat and see if you could be a great fit. 
About Redox:
What We DoHealthcare organizations and technology vendors connect to Redox once, then authorize what data they send to and receive from partners through a centralized hub. Redox's cloud-based platform is vendor and standards agnostic and enables the secure and efficient exchange of healthcare data.
This approach eradicates the need for point-to-point integrations and accelerates the discovery, adoption, and distribution of patient and provider-facing technology solutions. With hundreds of healthcare organizations and technology vendors exchanging data today, Redox represents the largest interoperable network in healthcare. Learn how you can leverage the Redox platform at www.redoxengine.com.
Other Stuff About UsRedox is an EEO company. We fully support the diversity of our team! Here's a recent blog post about our stance on diversity and belonging: Diversity at Redox
We believe in holding ourselves to a high standard of conduct. Here's how we think about this: Redox Code of Conduct
Successful candidates must be eligible to be employed in the US, and must reside in the US.
Thank you for your interest in Redox!