The Security Engineer is a member of the Bright Health Information Security Organization and involved in building, maintaining and supporting public cloud security and engineering initiatives. This person will work alongside our engineering organization’s existing security, engineering and cloud operations.

YOUR RESPONSIBILITIES

• Conduct monthly vulnerability code scans
• Maintain static application security testing (SAST) tools and processes
• Lead Security Training of developer teams (using OWASP Top Ten or equivalent framework)
• Assist with implementation of application security controls in accordance with PCI framework
• Oversee encryption implementation requirements within full-stack ecosystem of web applications
• WAF Implementation and Operations For Growing Presence Of Web-Facing Assets
• Serve as a trusted advisor in evaluating and recommending existing (as well as future) application security tools
• Other duties and responsibilities as assigned

EDUCATION, TRAINING, AND PROFESSIONAL EXPERIENCE

• A Bachelor’s or technical degree in computer science is preferred.
• Four (4) or more years of experience in information security, preferably in a medium to large software product company is required. Three (3) or more years of experience will be considered if a bachelor’s degree or higher in technical field has been obtained. 
• Competency in a programming language such as Python, Javascript, Go, C#, etc.
• Basic understanding of static analysis and dynamic analysis tools
• Strong understanding of OWASP TOP TEN remediation

LICENSURES AND CERTIFICATIONS

• Vendor neutral cloud, offensive security and web application security certifications preferred including one or more of the following certifications: CCSP, CSSLP, OSCP, OSWE, OSCE, Azure AZ-500, eJPT, eWPT, eWPTx, eCPPT, eWDP, relevant SANS certifications, or other related certification.

WORK ENVIRONMENT

The majority of work responsibilities are performed in an open office setting, carrying out detailed work sitting at a desk/table and working on the computer. Some travel may be required. 

ABOUT US

At Bright Health, we brought together the brightest minds from the health care industry and consumer technology and together we created Bright Health: a new, brighter approach to healthcare, built for individuals. Our plans are easy to manage, personalized and more affordable, giving people the quality care they deserve. Through our exclusive care partnerships with leading health systems in local communities we are reshaping how people and physicians achieve better health together.

We’re Making Healthcare Right. Together. 

We've won some fun awards like: Great Places to Work, Modern Healthcare, Forbes, etc. But more than anything, we're a group of people who are really dedicated to our mission in healthcare. Come join our growing team!

As an Equal Opportunity Employer, we welcome and employ a diverse employee group committed to meeting the needs of Bright Health, our consumers, and the communities we serve. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

BRIGHT ON!