Senior Security Engineer

🕒 vor 6 Monaten

🇺🇸 Vereinigte Staaten – Remote

💵 $128.130 - $235.287 / Jahr

⏰ Vollzeit

🟠 Senior

👮‍♂️ IT-Sicherheitsingenieur

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Included Health

WebsiteLinkedInAlle Stellen

1001 - 5000 Mitarbeiter

☁️ SaaS

🤝 B2B

👥 HR Tech

SaaS • B2B • HR Tech

Included Health ist ein Unternehmen für Gesundheitstechnologie, das personalisierte, auf Arbeitgeber und Krankenversicherungen fokussierte Primär-, Akut- und Verhaltensgesundheitsversorgung über eine einzige App und ein Netzwerk von virtuellen und persönlichen Dienstleistungen anbietet. Es kombiniert KI-gesteuerte Tools und menschliche Pflegeteams, um eine 24/7 Versorgungskoordination, Unterstützung bei Abrechnungen und Ansprüchen, Zweitmeinungen von führenden Spezialisten und Unterstützung für die mentale Gesundheit bereitzustellen, mit dem Ziel, die Gesundheitskosten der Arbeitgeber zu senken und die Mitgliedererfahrung sowie Inklusion zu verbessern.

Beschreibung

• Design, build, and implement Just-in-Time (JIT) access controls and Privileged Access Management (PAM) workflows to eliminate standing privileged accounts in production. • Conduct platform permission reviews and implement a least-privilege access model for cloud and application roles. • Ensure 100% of production access requests and approvals are captured in audit logs. • Lead the implementation, tuning, and operation of security tools in the CI/CD pipeline, including SAST, DAST, SCA, and secrets scanning. • Develop custom SAST rules to detect specific, high-risk flaw patterns, such as authorization bypasses or insecure PII/PHI handling. • Partner with engineering to deploy IDE plugins and automated PR checks that block sensitive data exposure before deployment. • Conduct manual security code reviews for high-risk features and cryptographic implementations. • Design, build, and maintain automation for the end-to-end vulnerability management lifecycle. • Engineer automated workflows to triage, validate, and assign new vulnerabilities • Develop and maintain security automation scripts, tools, and services in Python or Go to streamline security operations and compliance checks. • Partner with SecOps to build high-fidelity SIEM correlation rules and automated response playbooks. • Design, implement, and maintain encryption strategies for data at rest and in transit, ensuring PHI is protected in compliance with HIPAA. • Manage the cryptographic key lifecycle and administer key management systems • Design and implement secure cloud network architectures (VPCs, subnets, security groups, NACLs) and network segmentation strategies. • Lead the remediation of cloud security findings • Implement and manage a centralized security control plane • Design and implement Data Loss Prevention (DLP) policies for endpoints and cloud services to protect against sensitive data exfiltration. • Design and enforce security configurations and hardening standards for diverse operating systems (macOS, Windows, Linux) via MDM/UEM platforms. • Manage and tune endpoint security solutions, including EDR/XDR (e.g., CrowdStrike). • Lead threat modeling sessions for new features and conduct secure design reviews of system architectures, applications, and APIs. • Act as an embedded security partner and subject matter expert for product and platform teams, providing technical guidance and mentorship. • Develop and manage security programs for emerging risks, including SaaS security and AI security.

🎯 Anforderungen

• 6+ years of experience in security engineering, with hands-on expertise in both application security and cloud security (AWS strongly preferred). • Strong proficiency in at least one scripting or programming language (Python or Go preferred) for security automation. • Demonstrable experience in two or more of the following core areas: 1) Application & SDLC Security, specifically with SAST, DAST, and SCA tools (e.g., Semgrep, Snyk, Burp Suite) and CI/CD automation; 2) Security Automation & Engineering using SOAR platforms (e.g., Tines) and Terraform; 3) Cloud Security (AWS/GCP) with a focus on designing secure cloud-native services (VPCs, IAM, WAF, CSPM); 4) Identity & Encryption, including JIT access controls, PAM, and cryptographic key lifecycles; or 5) Endpoint & Data Security utilizing EDR/XDR, DLP, and MDM solutions. • Experience securing containerized environments (Docker, Kubernetes). • Previous experience in healthcare, fintech, or other highly regulated industries • Excellent communication skills, with the ability to explain complex security risks to both technical and non-technical stakeholders.

🏖️ Vorteile

• Remote-first culture • 401(k) savings plan through Fidelity • Comprehensive medical, vision, and dental coverage through multiple medical plan options (including disability insurance) • Paid Time Off ("PTO") and Discretionary Time Off ("DTO") • 12 weeks of 100% Paid Parental leave • Family Building & Compassionate Leave: Fertility coverage, $25,000 for surrogacy/adoption, and paid leave for failed treatments, adoption or pregnancies. • Work-From-Home reimbursement to support team collaboration home office work