The Security Operations Engineer role works within Collective Health’s Information Security team. This team includes Security Engineering (Product and Application Security) as well as Security Operations and works closely with our Privacy, Risk and Compliance Team. Our Security Team at Collective Health is at the heart of the company’s success. We spend a lot of time actively working with the broader community instead of opposing them, and we find that it pays off in spades. As part of the security team you’ll be responsible for ensuring the success of a collaborative security pipeline we’ve built out, and for actively encouraging and promoting the security culture we have here.
We are changing US healthcare through the use of technology, and the Director of Information Security leads the team that ensures secure delivery of that technology. Our customers are US employers and their employees and dependents. Our solutions enable better decision-making, resulting in improved health outcomes and counteracting the spiralling costs of US healthcare.
In our first 5 years as a company, we have built a rich solution suite, comprising consumer web and mobile healthcare portals, employer administration portals, data transformation for analytics, and high-volume back-office data processing for claims “adjudication”. This adjudication determines medical claim payments according to complex medical plan rules. Our solution is highly integrated with 3rd party enterprise solutions (HRMS/Ben Admin solutions) and 3rd party medical, dental, pharma, vision solutions, as well as specialist program solutions for maternity, fertility, diabetes, behavioural health, and many other medical domains.
Our data is extremely private (comprising personal health information or PHI) and must be managed in strict compliance with HIPAA data privacy requirements. Our customers expect our solutions to be extremely highly available (better than 99.9% availability) and we aim for >70% NPS from very highly satisfied users who rely on our systems to navigate the bewildering world of healthcare, insurance and financial claims management. Extremely high data accuracy and security are paramount.
Our Security Team has a company-wide footprint – we interact with almost every employee, understand their workflow and help them make it more efficient. As a part of the Security Team, you will help us make our base layer more secure by focusing on the architecture, development and operation of network, cloud security and employee systems.
- Build and operate infrastructure and automation to detect and respond to security threats.
- Develop detection strategies to identify anomalous behaviors and attacks.
- Partner with stakeholders from the various teams to improve Collective Health's defense posture.
- Lead the technical activities of incident response and investigations, including communications and coordination among different teams.
- Train and mentor junior team members.
- Document protocols and playbooks pertaining to incident response
- Deep understanding of information security principles and defense in depth techniques
- Strong programming experience in one or all of Python, Java, Go.
- Ability to analyze network, host, memory, and other forensics artifacts originating from multiple OSs.
- Experience performing memory forensics and malware reverse engineering and analysis, and extracting IOCs (Indicators of Compromise)
- Strong background in incident response, hunting, forensics, intrusion detection or threat intelligence.
- Hands-on experience with security technologies: Endpoint Detection & Response tools (EDR), such as GRR, SentinelOne, OsQuery, Snort, Bro
- Hands-on experience with forensics technologies: MacQuisition, X-Ways, Volexity, FTK, GRR
- Experience in hardening cloud infrastructure (AWS, Google Cloud, etc.).
- Experience with common attack scenarios across the various layers of our infrastructure (cloud-based issues, code quality, insider threat, etc.)
If many or most of the following items apply to you, we'd love to talk!
- 5+ years of experience in Security Operations in a regulated organization (e.g. HIPAA compliance - pharma, biotech, health insurance)
- Experience as an accountable Security Operations Engineer in a regulated environment or organization (e.g. FISMA, HIPAA, PCI-DSS)
- Deep understanding of information security principles
- Ability to work effectively and influence groups throughout the organization.
- Relevant network and network security experience (OSI model, firewalls, 802.1x, IPS, IDS, VPN)
- Relevant systems security experience (HIDS, system hardening, cgroups, etc.)
- Experience automating security incident event monitoring infrastructure
You get extra bonus points for:
- You have contributed to and maintained open source projects
- Experience working with Public Cloud Services (AWS, Azure, etc)
- Familiarity with Service Oriented Architecture and/or micro-services based architecture
- Familiarity with container-based infrastructure orchestration (e.g. Docker, Kubernetes, Mesos)
- Experience with NIST security frameworks
- Experience working in Healthcare, Financial, or other regulated environment
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
About Collective Health
While medical technology continues to take giant steps forward, somehow the systems driving health coverage are still stuck in the past. The experience we have today is confusing. It’s painful. And we all deserve better. Collective Health was founded on the belief that better is possible. Driven by our mission to make understanding, navigating, and paying for care effortless, we’ve evolved the way health benefits work. More than 155 million Americans count on an employer for coverage. That's why, with the technology to create a more intelligent solution and the compassion to know that every person matters, we deliver a connected healthcare experience for companies who want the best for their employees.