Sr. Security Engineer, Detection & Response

Alto is a telehealth pharmacy focused on helping people live healthier by making the prescription experience easier, more supportive, and more affordable. We’re transforming a $500 billion industry by reinventing what a pharmacy can do, for both patients and providers—from hand-delivering medications for free to offering on-call help by text or chat. Over one million deliveries, over a thousand five-star Yelp reviews, and an NPS score of +86 later, we’re proud to say we’ve built a pharmacy that people truly love.

About the Team

Alto’s security program is focused on protecting patients’ security and privacy while enabling our business to operate and grow. We support the product and engineering team as they build a secure platform for our patients, providers and employees. We also work directly with our pharmacy and operations teams to ensure that they can care for our patients securely and efficiently. We work closely with our pharmacy compliance team to ensure that we always respect our patients’ privacy.

Our growing Security organization is looking for a technical leader to drive our detection and incident response processes. Working with Product and Infrastructure Engineering, IT and other functions, you will build better tooling and processes around separating the signal from the noise as the first dedicated hire for this function.

Accelerate your career as you:

• Own our security event monitoring platform including identifying the best tools and driving implementation as we grow and mature.
• Develop meaningful alerts and dashboards corresponding to identified threats, both external and internal.
• Investigate security incidents to understand what happened and why, and how we can prevent future occurrences.
• Identify places where we can be more efficient and automate our response, reducing the impact on on-call resources.
• Collaborate with engineering, IT and other teams to build security monitoring into all products and tools to ensure we can protect our systems and data.
• Deploy monitoring and threat simulation testing for security controls to validate efficacy improving on established frameworks (Atomic Red Teaming, MITRE, DeTT&CT )
• Drive security data analytics for scaling up our detection and response program.

A bit about you:

Minimum Qualifications:

• Have first-hand experience with incident response within a technology-centric organization.
• Have 4+ years engineering experience in a cloud environment, such as AWS. 
• You are comfortable with scripting and programming languages such as Python, Ruby and Go.
• Have knowledge and understanding of detection and incident response disciplines; current threats, modern attacker exploits and persistence techniques
• Communicate effectively about technical and non-technical topics with a diverse team. 
• Thrive in a dynamic fast-paced environment where you need to consider competing interests, and make decisions quickly and independently. 
• Believe in Alto’s mission and embody our company values.

Preferred Qualifications: 

• Have worked in a healthcare environment and are familiar with HIPAA and other regulatory requirements.
• Relevant security certifications

Additional Physical Job Requirements:

• Read English, comprehend, and follow simple oral and written instructions.  The worker is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading.  Assessing the accuracy, neatness and thoroughness of the work assigned.
• Communicating with others to exchange information.  Expressing or exchanging ideas by means of the spoken word; those activities where detailed or important spoken instructions must be conveyed to other workers accurately, loudly, or quickly.
• Perceiving the nature of sounds at normal speaking levels with or without correction, and having the ability to receive detailed information through oral communication, and making fine discriminations in sound.
• Frequent repeating motions required to operate a computer that may include the wrists, hands and/or fingers.
• Sedentary work: Sitting most of the time, exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Walking and standing are required only occasionally.

Salary Range: 195k-265k base annual salary + equity

Commission Eligible: No

Equity Eligible: Yes

Travel: Required less than 10% of the time  

Benefits: Medical, Dental, Vision, 401(k), Group Life, AD&D, Employer paid STD/LTD, generous PTO and parental leave.

Want to learn more about Alto? Check out our blog here: https://blog.alto.com

Alto Pharmacy is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. 

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. We are an E-Verify company.