Senior Security Engineer II (DevSecOps)

About The Position

Requirements

• BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 8 years security domain experience without degree
• 4+ years of experience acting as a trusted advisor in a team setting, solving for short-term and long-term business value
• 4+ years of experience coaching other engineers or analysts
• 6+ years of experience in securing and deploying applications within Cloud Native environments
• 5+ years of experience in a dedicated DevOps/DevSecOps/SRE role with focus on establishing secure SDLC and DevSecOps processes.
• Experience in scripting languages such as Python and Bash.
• Experience with Cloud Native Software Development environments and practices with a focus on multi-cloud deployments in AWS, Azure and/or GCP.

Nice To Haves

• Prior experience working in the healthcare industry with health-tech systems, like Electronic Health Records, Clinical data, etc.
• Prior experience with a focus on tooling, automation, and distributed systems development is preferred.
• Experience generating automated metrics to measure service and program effectiveness and consistency
• Strong communication skills, both written and verbal, with the capability to articulate complex technical issues to a diverse audience
• Experience with continuous integration tools (e.g. Cloud formation, Code deploy, Jenkins, CircleCI, Codefresh, Github Actions etc.).
• Experience with configuration management platforms (e.g. Ansible, Chef, Salt).
• Hands-on experience using Terraform, Python and/or other orchestration platforms at scale.
• Familiarity with Agile and waterfall development methodologies.
• Familiarity with automated testing methodologies, and continuous integration concepts.
• Experience in creating, deploying, maintaining, and troubleshooting Docker images.
• Experience in scoping, deploying, maintaining and troubleshooting Kubernetes clusters.
• Experience with deploying policies with AWS Control tower, Azure Security hub, Google Resource Manager etc.

Responsibilities

• Working cross functionally to design, build, and operate solutions that continuously improve and automate our security capabilities
• Leveraging data to understand trends, metrics, and opportunities to improve our security posture and then helping execute on those opportunities with stakeholders
• Leading and enhancing incident response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents
• Helping craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures
• Mentoring and coaching more junior engineers or analysts

Benefits

• Flexible work schedules and the ability to work remotely are available for many roles
• Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners
• Robust time-off plan (21 days of PTO in your first year)
• Two paid volunteer days and 11 paid holidays
• 12 weeks paid parental leave for all new parents
• Six weeks paid sabbatical after six years of service
• Educational Assistant Program and Clinical Employee Reimbursement Program
• 401(k) with up to 4% match
• Stock options