Information Security Engineer
Back to Career Site
Our Mission is to Make Healthcare Right. Together. Built upon the belief that by connecting and aligning the best local resources in healthcare delivery with the financing of care, we can deliver a superior consumer experience, lower costs, and optimized clinical outcomes.
What drives our mission? The company values we live and breathe every day. We keep it simple: Be Brave. Be Brilliant. Be Accountable. Be Inclusive. Be Collaborative.
If you share our passion for changing healthcare so all people can live healthy, brighter lives – apply to join our team.
SCOPE OF ROLE
The Security Engineer 1 is a member of the Bright Health Information Security Organization and involved in building, maintaining and supporting public cloud security and engineering initiatives. This person will be required to work effectively and seamlessly with our engineering organization’s existing security, engineering and cloud operations.
ROLE RESPONSIBILITIES
- Analyze and investigate events from cybersecurity appliances or reported incidents
- Document standard operating procedures matching day-to-day InfoSec operations
- Establish and maintain strong working relationships with all team members and all business units
- Autonomously analyzes and implements optimal settings and configurations to perform vulnerability scans of networks, operating systems, applications, containers, cloud resources, and other information systems
- Triage and formulate remediation plans and/or compensating controls together with appropriate timelines following vulnerability scans using input from system owners
- Perform day-to-day analysis of logs to detect anomalies or events that could lead to incidents
- Use threat intelligence to develop new detections and preventative measures across the enterprise
- Responding swiftly and effectively to potential security incidents reported to InfoSec. Establish and maintain strong working relationship with all team members and all business units
EDUCATION, TRAINING, EXPERIENCE
- BA/BS in Computer Science, Information Technology, SANS training or equivalent experience
- 1-3 years of experience in Information Security
- Hands-on experience with Vulnerability Scanning & Management tools (e.g. Nexpose, Tenable, Prisma Cloud, Kenna Security, etc.)
- Self-motivated while demonstrating a passion for Cybersecurity
- Familiar with Cloud Security Alliance and SANS top 20 critical controls
- Must have strong communication and teamwork skills
- Familiarity with Anti-Virus, Firewalls, IDS/IPS, NAC, WAS, SIEM, OSI model and CIA triad
- Familiar with LINUX/UNIX/Windows/Powershell command line
- ISACA, (ISC)2, Offensive Security or relevant industry certifications preferred
We are realizing a completely different healthcare experience where payors, providers, doctors, and patients can all feel connected, aligned and unified on the same team. By eradicating the frictions of competing needs, we are making it possible to give everyone more of what they want and deserve. We do this by:
Focusing on Consumers
We understand patient pain points, eliminating complexity while increasing transparency, for greater access and easier navigation.
Building on Alignment
We integrate and align individual incentives at all levels, from financing to optimization to delivery of care.
Powered by Technology
We employ our purpose built, integrated data platform to connect clinical, financial, and social data, to deliver exceptional outcomes.
As an Equal Opportunity Employer, we welcome and employ a diverse employee group committed to meeting the needs of Bright Health, our consumers, and the communities we serve. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.