Sr. Security Engineer, Detection & Response
San Francisco, CA
Applications have closed
Alto Pharmacy
We’re redefining what a pharmacy can do, with fast and reliable prescription delivery, tools like treatment reminders and medication bundling, direct access to care specialists, and support with insurance and cost savings. Try Alto today!Alto is a telehealth pharmacy focused on helping people live healthier by making the prescription experience easier, more supportive, and more affordable. We’re transforming a $500 billion industry by reinventing what a pharmacy can do, for both patients and providers—from hand-delivering medications for free to offering on-call help by text or chat. Over one million deliveries, over a thousand five-star Yelp reviews, and an NPS score of +86 later, we’re proud to say we’ve built a pharmacy that people truly love.
About the Team
Alto’s security program is focused on protecting patients’ security and privacy while enabling our business to operate and grow. We support the product and engineering team as they build a secure platform for our patients, providers and employees. We also work directly with our pharmacy and operations teams to ensure that they can care for our patients securely and efficiently. We work closely with our pharmacy compliance team to ensure that we always respect our patients’ privacy.
Our growing Security organization is looking for a technical leader to drive our detection and incident response processes. Working with Product and Infrastructure Engineering, IT and other functions, you will build better tooling and processes around separating the signal from the noise as the first dedicated hire for this function.
Accelerate your career as you:
- Own our security event monitoring platform including identifying the best tools and driving implementation as we grow and mature.
- Develop meaningful alerts and dashboards corresponding to identified threats, both external and internal.
- Investigate security incidents to understand what happened and why, and how we can prevent future occurrences.
- Identify places where we can be more efficient and automate our response, reducing the impact on on-call resources.
- Collaborate with engineering, IT and other teams to build security monitoring into all products and tools to ensure we can protect our systems and data.
- Deploy monitoring and threat simulation testing for security controls to validate efficacy improving on established frameworks (Atomic Red Teaming, MITRE, DeTT&CT )
- Drive security data analytics for scaling up our detection and response program.
A bit about you:
Minimum Qualifications:
- Have first-hand experience with incident response within a technology-centric organization.
- Have 4+ years engineering experience in a cloud environment, such as AWS.
- You are comfortable with scripting and programming languages such as Python, Ruby and Go.
- Have knowledge and understanding of detection and incident response disciplines; current threats, modern attacker exploits and persistence techniques
- Communicate effectively about technical and non-technical topics with a diverse team.
- Thrive in a dynamic fast-paced environment where you need to consider competing interests, and make decisions quickly and independently.
- Believe in Alto’s mission and embody our company values.
Preferred Qualifications:
- Have worked in a healthcare environment and are familiar with HIPAA and other regulatory requirements.
- Relevant security certifications
Additional Physical Job Requirements:
- Read English, comprehend, and follow simple oral and written instructions. The worker is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading. Assessing the accuracy, neatness and thoroughness of the work assigned.
- Communicating with others to exchange information. Expressing or exchanging ideas by means of the spoken word; those activities where detailed or important spoken instructions must be conveyed to other workers accurately, loudly, or quickly.
- Perceiving the nature of sounds at normal speaking levels with or without correction, and having the ability to receive detailed information through oral communication, and making fine discriminations in sound.
- Frequent repeating motions required to operate a computer that may include the wrists, hands and/or fingers.
- Sedentary work: Sitting most of the time, exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Walking and standing are required only occasionally.
Salary Range: 195k-265k base annual salary + equity
Commission Eligible: No
Equity Eligible: Yes
Travel: Required less than 10% of the time
Benefits: Medical, Dental, Vision, 401(k), Group Life, AD&D, Employer paid STD/LTD, generous PTO and parental leave.
Want to learn more about Alto? Check out our blog here: https://blog.alto.com
Alto Pharmacy is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. We are an E-Verify company.
Tags: Analytics AWS Cloud Compliance Exploits HIPAA Incident response Monitoring Privacy Python Ruby Scripting
Perks/benefits: Career development Equity Health care Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs