Security Engineer

Modern Health

Modern Health is a mental health benefits platform for employers. We are the first solution to cover the full spectrum of mental well-being needs through both evidence-based digital content and professional support from a global network of certified coaches or therapists all in one comprehensive app. Whether someone wants to proactively manage stress or treat depression, Modern Health guides people to the right care at the right time.  We empower companies to help all of their employees be the best version of themselves, and believe in meeting people wherever they are in their mental health journey.

We are a female-founded company, backed by investors like Kleiner Perkins, Founders Fund, John Doerr, Y Combinator, and Battery Ventures. We partner with 220+ global companies like Lyft, SoFi, Pixar, Gusto, Okta, and Udemy that are taking a proactive approach to mental health care for their employees. Modern Health has raised more than $170 million in less than two years with a valuation of $1.17 billion, making Modern Health the fastest entirely female-founded company in the U.S. to reach unicorn status.  We are looking for driven, creative, and passionate individuals to join in our mission.  

In 2020 we tripled our employee headcount, doubled our customer base and grew our revenue 10x.  As a hyper-growth company we have maintained our people-first culture winning awards including Fortune’s Best Workplaces in the Bay Area 2021 and maintaining an employee retention rate of 99.97% and an overall Glassdoor rating of 4.9 out of 5. 

An inclusive and diverse culture are key components of mental well-being in the workplace, and that starts with how we build our own team. If you’re excited about this role, we’d love to hear from you!

The Role:

Maintaining the security and privacy of our users is paramount to Modern Health’s mission. As a member of the security team you will have organization-wide visibility to continuously support and monitor our commitment to privacy, security, and compliance.

This is a unique opportunity to use your engineering and security skills to make a direct impact in people's lives. We need a security engineer who can pick up and understand complex technical areas quickly, mitigate risk by increasing automation in security domains, and work with other engineers to securely release and maintain software, infrastructure, and an information security management system, while always working to increase our security and compliance posture.

This role will be part of the Infrastructure & Security (InfraSec) team, report to the VP of Engineering. This position is not eligible to be performed in Colorado or Hawaii.

You will:

• Analyze security systems and seek improvements on a continuous basis.
• Report on and research solutions to possible threats or software issues.
• Work with our engineering teams to remediate vulnerabilities in our systems according to our SLAs.
• Work directly with our clients in answering their security questions via our Vendor Security Questionnaire (VSQ) process.
• Develop cost-effective solutions to cybersecurity problems.
• Implement and lead on best practices and security standards for the organization.
• Routinely test and audit company software and network configurations.
• Contribute to engineering a secure application platform.
• Partner with Legal and Compliance to raise our security posture through the implementation of controls set by our compliance objectives.

Your profile:

• You are a passionate and confident leader that takes pride and ownership in the work you do.
• You understand software, hardware and infrastructure needs while adjusting them according to our business environment
• You have an understanding of best practices and how to implement them at a business-wide level
• You have experience implementing controls for information security compliance programs including HIPAA, SOC2, and GDPR
• You have experience managing IDS/IPS/FIM/Vuln scanning
• You have hands-on experience with a variety of programming languages (preferably Python)
• You are able to assess, prioritize, and execute on projects independently.
• You are comfortable working in a fast-paced environment
• You  have excellent written and verbal communication skills. You remain calm under pressure.
• You have experience working with teams to secure web applications
• 1-2 years of experience in the cybersecurity industry
• 2+ years of general engineering experience (Front-End, Back-End or Infrastructure)

Our stack:

• AWS: ECS and cloud hosting
• Gitlab: CI/CD
• Python: Django, Flask, aiohttp
• Data: PostgreSQL, Redis
• Monitoring: Datadog and Sentry
• IaC: Terraform, Packer

Bonus points if you have experience in: 

• Working at a high growth startup
• Working on SaaS software
• Working in Health Tech

Benefits: 

• 100% coverage for Medical / Dental / Vision 
• Stipend towards mental health benefits
• 401k plan 
• Flexible PTO 
• Cell Phone Reimbursement
• Passionate team dedicated to making a positive impact
• Generous parental leave policy
• Unlimited career growth opportunity
•