Our Security Team has a company wide footprint – we interact with almost every employee, understand their workflow and assist them to make it more efficient. As a part of the Security Team, you will help us make our base layer more secure by focusing on architecture, development and operation of network, cloud security and employee systems.
Your Core Responsibilities:
- Evaluate and develop systems to enhance our security posture while reducing overall digital security risk.
- Maintain and audit IT Infrastructure security.
- Lead IT infrastructure integrations with partners from a security perspective.
- Collaborate with team members, understand their processes and workflows, prioritize their ideas and innovations and develop improvements.
- Maintain awareness of industry security threats and respond to security incidents.
- Augmenting our Continuous Integration pipeline to include security testing
- Perform code audits on internal, and open source libraries for inclusion in our products
- Assist in the architecting of new products, features, and capabilities.
If many or most of the following items apply to you, we'd love to talk!
- 3+ years of Java, Ruby, Go, or Python Software Application development experience
- 3+ years of Web application vulnerabilities discovery or detection
- 1+ years Static and Dynamic Analysis Techniques experience (developing models or executing analysis tooling)
- Deep understanding of information security principles.
- Ability to work effectively with groups throughout the organization.
- Relevant network and network security experience (OSI model, firewalls, 802.1x, IPS, IDS, VPN)
- Relevant systems security experience (HIDS, system hardening, cgroups etc)
- Experience automating security incident event monitoring infrastructure
You get extra bonus points for:
- You have contributed to and maintained open source projects.
- Experience working with Cloud networks (AWS).
- Familiarity with Service Oriented Architecture and/or micro-services based architecture.
- Experience working in Healthcare, Financial, or other regulated environment
- Experience with breaking encryption, authentication, or authorization system flows
Collective Health is a technology company working to create the healthcare experience we all deserve. Founded in 2013, our team of engineers, designers, product managers, and actuaries are redefining the $1 trillion market of employer-sponsored health benefits with data-driven and people-focused products. Our complete health benefits solution helps great companies like Activision Blizzard, Palantir, Restoration Hardware, and Pinterest take care of their people by harnessing the power of design and technology. Based in San Francisco, CA, we’re backed by some of the best investors in Silicon Valley including Google Ventures, Founders Fund, NEA, and Redpoint Ventures. For more information, visit us at https://www.collectivehealth.com.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.