Security & Operations Lead / Principal Engineer
We are seeking a seasoned Security & Ops Lead with hands-on experience designing, developing, operating, and proactively maintaining a high-scale & secure online business. We are looking for a savvy entrepreneurial security specialist that will lead by example, reinforce, practice and engage security as everyone’s job, with mastery.
If you are seeking an opportunity to apply your Technology & Leadership talents to help fix America’s largest industry challenges, then look no further. As the Lead of Security Technology & Operations you will be immediately engaged in an opportunity to support the secure growth of a very meaningful global cause to transform the way people interact with healthcare systems. You will be making an impact that serves millions of consumers around the digital world.
What You'll Do
You will be engaged in 24x7 business operations that are serving millions of consumers, clients, and associated transactions supporting their healthcare needs.
You will be versed in governing & industry policies, best practices, & solutions related to privacy, security, data, and other business continuity standards and applicability to healthcare services.
You will have bias for continuously improving processes & solutions to ensure the company is managing risks, threats, mitigations, controls, and proactive operations.
You will be responsible for architecting, developing and operating b.well’s next generation platform with a security-first mindset applied throughout the ecosystem.
You will work closely with the executive leadership, product & technology leaders, customers, and actively engage with engineering teams.
You will partner with engineering and IT teams to build world-class security solutions that are woven into the fabric of our solutions, technologies, processes, and operations.
You will partner with engineering teams to operate & sustain a 24x7 always-on environment with real-time data, and disciplined processes in deployments, monitoring, and incident management, including root cause analysis to fix.
You will lead, orchestrate, and resolve medium to high severity incidents & calls
Design & innovate security & operational best practices, training, tools, dashboards, & integrated technologies as necessary to ensure proactive real-time available & secure operations.
Define and operate the Information Security Management System (ISMS) with support from business, product, engineering, and operation teams.
Proactively manage and operate the security and governance lifecycle with diligence in planning, operating, and reacting to business operations.
Participate in business, product, and development life cycles including directly supporting Agile teams delivery, where security concerns are integrated into day to day delivery processes.
Work with other security engineers, devops, and IT to automate reporting for and manually report on items required by b.well’s security audits, penetration tests, and certifications.
Cultivate solid collaboration amidst a vibrant global & diverse engineering team.
Lead with a high level of integrity and agility to navigate iterations and change course when needed.
You will safeguard sensitive data by following policies and training concerning your security and privacy responsibilities
Job Requirements:
7+ years of security technology and real-time operations experience that includes architecting, designing, coding, delivering, and managing security at scale across organizations.
7+ years of experience in operating a 24x7 high-scale secure services platform serving millions of customers.
Experience in OWASP, GDPR, PII, PCI, HIPAA, HITECH, or other associated governing standards, including their best practices.
Expertise with AWS or other cloud platforms and associated technologies necessary to enable a secure edge, web apps, dev-ops environment, microservices, and data management, etc.
Extensive experience security into the framework of development and operations, with automation, monitoring, and alerting approaches.
Experience working in high paced agile team environments with bias for collaboration, iterative learning, and customer-oriented results.
Experience in completing audits related to HITRUST, PCI, and/or SOC2
Solid mastery of security & data governance as related to privacy, security, data sharing, recovery, retention, auditing, and real-time proactive automation solutions.
Strong leadership and stakeholder management skills, with a win-win humble mindset.
Bachelors or master’s degree in Mathematics, Information Systems, Security Engineering, Computer Science, Computer Engineering, or equivalent work experience.
Great to Have
Startup and Enterprise experience
Good understanding of healthcare domain
Expertise in operational tools include DataDog, CloudTrail, AWS GuardDuty, or similar tools
Healthcare security expertise - HIPAA, HITECH, ISO 27799, and/or HITRUST Common Security Framework
CISSP, CISA, CISM, or other equivalent certifications
Job Perks:
Competitive compensation
Health, dental, and vision benefits
401k
Working with a small team of passionate and engaged people
Help fix our broken healthcare system & make a difference
About Us:
b.well is the heart of healthcare. We modernize access to healthcare with a consumer-centric approach that is convenient and simple. We help forward-thinking health plans, self-funded employers, and health systems give their members the experience they demand and deserve.
Our health management platform is the first to be able to break down the IT barriers that have for a long time made it impossible to connect disparate, siloed health data in a single place. The platform, offered on iOS, Android, and via a web app, unifies all aspects of a person’s health and puts the consumer in control. From consolidating complete medical record histories, providing transparent insurance information, integrating wearable and genomic data, and more; our goal with b.well is to make managing health and insurance simple.