Developer Security Ops Engineer (DevSec Ops Engineer)
Redwood City, CA (PST Remote)
Suki
Suki is an AI-powered voice assistant that lifts the administrative burden from clinicians, so they have time to focus on what matters - patient care.What we want to accomplish and why we need you
Suki is creating a new category in the health-tech space: the digital assistant. Our product will be the voice user interface for healthcare. What does that mean? Currently, doctors use electronic health record systems to take notes on patient encounters. This is a digital version of the paper charts that you may have seen in your doctor’s office or on TV. These systems can be hard to navigate and time-consuming to manage. Doctors would rather spend that time with patients. We are creating the solution. Doctors that use Suki already spend over 70% less time on administrative tasks, and we’re striving to do even better. Come and join us!
We are a user-driven company and are committed to making sure every pixel of our product is in service of the doctor. We’re a team of technologists, clinicians, and industry experts working together to push the limits on technology used in medicine. We’re confident enough to move fast and talented enough not to break things. Check out this short video to learn more about our mission and our culture.
Our tech stack includes GCP, Kubernetes, Golang, Python, React, C++, TypeScript, JavaScript, Swift, Kotlin, gRPC, and GraphQL.
What will you do everyday?
- Work with the product, devops, and other teams to identify the right security architecture for implementing new solutions, products and features. Help develop, implement and support product security strategy.
- Work closely with product management, engineering, and DevOps teams to implement, identify, and embed cybersecurity in a secure connected architecture.
- Deliver general security concepts in the software development lifecycle (Identity and Access Management, encryption, web application security, security logging, pen-testing processes, etc.).
- Support security initiatives and serve as a point of contact to build and securely scale cloud platforms.
- Manage program risks through effective identification, mitigation, tracking, and reporting of the identified risks.
- Present strategies, project plans and more to cross functional teams delivering risk management solutions that add value.
- Analyze computer security incidents and recommend appropriate measures to respond to computer security incident activity.
- Practice, Automate & Maintain HIPAA Compliance.
- Experience in introducing security testing into software delivery pipelines (CI/CD)
- Understanding of secure and defensive coding principles, especially OWASP top 10 or similar guidance frameworks
- Understanding of “cloud-native” and 12-Factor applications and how to deploy them securely
- Create design specifications and prepare technical documentation and run-books.
- Support the development of standards by creating templates and patterns for ease of use and increase the productivity of the security program
Ok, you're sold, but what are we looking for in the perfect candidate?
- You are a hands-on engineer who leads by doing.
- You have experience in building and releasing infrastructure-as-code (IAC) in a controlled environment with an understanding of full lifecycle configuration management.
- You can leverage DevOps/DevSecOps tools to build, harden, maintain and instrument a comprehensive cloud-based security orchestration platform to be consumed in product CI/CD pipelines (Kubernetes, Terraform, SAST, DAST).
- You have the ability to multitask and prioritize multiple issues.
- You are expected to work with various multi-disciplinary teams, so it is vital that you are a team-oriented individual with priority on the successful completion of group goals.
- You foster and build a community of practice for collective learning of the security tools, practices, and systems across all disciplines
Qualifications*
- 5 years industry experience with at least 2 years experience in DevOps automation and tooling.
- Familiarity with both automated (i.e. SAST, DAST, SCA, etc.) & manual testing activities (i.e., Penetration Testing).
- Experience with cybersecurity domains including threat modeling, role-based access, OS hardening, vulnerability management, penetration testing, privacy, web applications, mobile applications, and cloud security.
- Strong understanding of IaaS, PaaS and cloud technologies. Specific experience with IaaS GCP, VPC Networking, Microservices, and container frameworks such as Kubernetes.
- Strong knowledge of DevOps, CI/CD and modern web and application development concepts, technologies, and lifecycle management.
- Excellent communication skills, both written and spoken.
- Experience collecting metrics, measuring systems and interpreting data to make decisions.
- Bachelor's degree in Computer Science, a related technical field, certifications, or equivalent practical experience.
* We don’t necessarily expect to find a candidate that has done everything we’ve listed, but you should be able to make a credible case that you’ve done most of it and are ready for the challenge of adding some new things to your resume.
Tell me more about Suki
- On a roll: Named by Fast Company as one of the most innovative companies, named Google’s Partner of the Year for AI/ML, named by Forbes as one of the top 50 companies in AI .
- Great team: Founded, managed, and backed by successful tech veterans from Google and Apple and medical leaders from UCSF and Stanford. We have technologists and doctors working side-by-side to solve complex problems.
- Great investors: We’re backed by Venrock, First Round Capital, Flare Capital, March Capital , and others. With our $55M Series C financing, we have the resources to scale.
- Huge market: Disrupting a massive, growing $30+ billion market for transcription, dictation, and order-entry solutions. Our vision is to become the voice user interface for healthcare, relieving the administrative burden on doctors instead of adding to it.
- Great customers: Our solutions are used in health systems and clinics across the country, supporting clinicians across dozens of specialties. Check out what one of our users says about how Suki has helped his practice.
- Impact: You’ll make an impact from day one. You’ll join a team working towards a shared purpose with a culture built upon deep empathy for doctors and passion for making their lives better.
Suki is an Equal Opportunity Employer. We are dedicated to building a company that fosters inclusion and belonging and reflects the diverse communities we serve across the country. We know we are stronger this way, and we look forward to growing our team with these shared values.
Tags: Application security Automation C CI/CD Cloud Compliance Computer Science DAST DevOps DevSecOps Encryption GCP Golang HIPAA IaaS JavaScript Kotlin Kubernetes Microservices OWASP PaaS Pentesting Privacy Product security Python Risk management SAST Security strategy Strategy Terraform TypeScript Vulnerability management
Perks/benefits: Career development Flex vacation Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open IPS-related jobs