Senior Security Engineer, Incident Response
Hi, we're Oscar. We’re hiring a Senior Security Engineer, Incident Response to join our Security team.
Oscar is the first health insurance company built around a full stack technology platform and a relentless focus on serving our members. We started Oscar in 2012 to create the kind of health insurance company we would want for ourselves—one that behaves like a doctor in the family.
About the role:
Taking care of our members includes securing their data. The mission of the Security team is to protect the data our customers have entrusted to us, and make it possible for Oscar management to make informed, risk-calibrated decisions.
In this role, you will lead the information security incident response efforts by collecting and analyzing evidence and providing reports of identified threats, as well as search for insider threats. You will build upon the foundation of our existing program to better support our business. You will work with other Security team members and partner cross-functionally with Engineering, IT, and SRE to help prioritize and close control gaps and reduce enterprise risk.
You will report into the Director, Detection and Response.
This is a remote role, you will work remotely in one of the following states: Arizona, California, Connecticut, Florida, Georgia, Illinois, Maryland, Massachusetts, Michigan, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Tennessee, Texas, Utah, Virginia, or Washington. Note, this list of states is subject to change.
- Respond to and direct actions around data security incidents and coordinate between the information security, product, legal, privacy, compliance and engineering teams if necessary
- Document incidents and events and track action items following post mortem
- Design and conduct tabletop exercises to assure organizational readiness
- Establish processes and build ‘playbooks’ around operational responses to incidents
- Perform forensic processes including chain of custody, computer acquisition techniques, and memory acquisition techniques
- Support the overall improvement of the security process and documentation
- Build positive relationships with partner teams across the organization to continuously improve our incident response strategies and priorities for protecting our customers and company
- Create metrics to demonstrate the effectiveness of our incident response security program and inform continuous program improvements
- Report and communicate security issues and topics to technical and non-technical audiences, ranging from individual contributors to C-Suite executives
- Support the overall improvement of the security process and documentation in addressing the emerging threats
- Have 6+ years of career experience related to Digital Forensics and Incident Response
- Proficiency in at least 1 programming or scripting language (preference to Python or Go)
- Knowledge of network and web related protocols (e.g. TCP/IP, UDP/IP, IPSEC, HTTP/HTTPS)
- Have previously applied your skills in reverse engineering, computer forensics, ethical hacking, and threat hunting to solve problems in a technology-first environment
- Previous experience in particular OS environments (Mac, Chromebook, and Linux) as well as cloud environments (AWS and GCP)
- Able to analyze system and network logs to piece together what happened
- In-depth technical understanding that enables you to assess security risks in a technology-heavy company
- Have an understanding of privacy regulation and best practices such as CCPA and NIST Standard for security incidents
- Prior work experience in or understanding of security challenges specific to the healthcare or health insurance industries
Life at Oscar:
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves and find both belonging and support. We're on a mission to change health care -- an experience made whole by our unique backgrounds and perspectives.
We encourage our members to care for their whole selves, and we encourage our employees to do the same with comprehensive medical benefits, generous paid-time off, paid parental leave, retirement plans, company social events, stocked kitchens, wellness programs, and volunteer opportunities.
Oscar applicants are considered solely based on their qualifications, without regard to applicant’s disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (email@example.com) to make the need for an accommodation known.
Pay Transparency Policy:
Oscar ensures that you won't be discharged or discriminated against based on whether you've inquired about, discussed, or disclosed your pay. Read the full policy here.
COVID-19 vaccine requirements for in-person work:
To protect the health and safety of our employees, we require any employee conducting in-person work* to be fully vaccinated against COVID-19 by their start date.
If you are unable to be vaccinated due to medical or protected religious reasons, please reach out to our Benefits team at firstname.lastname@example.org to submit an accommodations request.
*Note: In-person work includes: employees required to work from our offices (either full-time or part-time), employees conducting sales work in the field and employees conducting at-home or in-person visits with members.
Explore more Information Security career opportunities
- Open Senior Infrastructure Security Engineer Jobs
- Open Senior Penetration Tester Jobs
- Open IT Security Engineer Jobs
- Open SOC Analyst Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Information Security Officer Jobs
- Open Vulnerability Analyst Jobs
- Open Principal Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Senior Information Security Engineer Jobs
- Open Information Security Architect Jobs
- Open Personnel Security Officer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Staff Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open Infrastructure Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open DevOps Security Engineer Jobs
- Open Senior Incident Response Analyst Jobs
- Open Computer Forensic Software Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open IAM Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Incident Response Manager Jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open NIST-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open Machine Learning-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open OSCP-related jobs
- Open Intrusion detection-related jobs
- Open Security assessments-related jobs
- Open IPS-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open Encryption-related jobs
- Open HIPAA-related jobs
- Open DevSecOps-related jobs
- Open Cryptography-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs
- Open PowerShell-related jobs
- Open DNS-related jobs