Original listing text, shown exactly as published by the company.
Primary Duties
- Lead the development, implementation, and ongoing maintenance of comprehensive security strategies and solutions.
- Design and deploy advanced security controls to safeguards networks, systems, and applications.
- Work across disciplines to shape our security services strategy and execution
- Mentor and galvanize new engineers to do their best work
- Set and uphold the standard for security processes to support high-quality engineering
Minimum Qualifications
- BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 10 years security domain experience without degree
- 8+ years of experience in software or security engineering within Cloud Native environments
Preferred KSA’s
- Experience architecting, developing, and deploying large-scale distributed systems at scale
- Experience with cloud technologies, e.g., AWS, Azure, GCP
- Experience building continuous integration and continuous development (CI/CD) pipelines
- Strong familiarity with server-side web technologies (eg: Java, Python, Scala, C#, C++, Go)
- 4+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value
- Experience with health-tech systems, like Electronic Health Records, Clinical data, etc.
Domain Specific Experience
Dev Security Ops
- Led security architecture reviews for enterprise-scale systems including microservices architectures, data platforms (Databricks, Snowflake), and cloud-native applications, identifying and mitigating security risks before implementation.
- Established Infrastructure Security as Code practices including automated security policy enforcement, drift detection, and infrastructure vulnerability scanning integrated into Pulumi deployment workflows
- Established security review processes and governance frameworks with standardized security requirements, risk assessment methodologies, and security architecture decision records (ADRs) integrated into SDLC workflows
- Developed security automation and tooling documentation including security scanner integration guides, vulnerability management procedures, and security monitoring runbooks for DevSecOps teams
- Collaborated with platform and infrastructure teams to design secure CI/CD pipelines, container security strategies, and Kubernetes security policies with automated compliance validation and reporting
Physical Requirements
- Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.
