ABOUT THE ROLE
The Sr. Security Engineer is a member of the Bright Health Information Security Organization and involved in building, maintaining and supporting public cloud security and engineering initiatives. This person will be required to work effectively and seamlessly with our engineering organization’s existing security, engineering and cloud operations.
If you'd like to work with NextGen security technologies like DLP (Data Loss Prevention), EDR (Endpoint Detection & Response), MDM (Mobile Device Management and SIEM (Security Information Event Manager) then this may be the place for you!
- Work closely with engineering & SRE teams to build Azure public cloud security controls based upon policies and standards
- Advise engineering teams in secure web application practices and communicate risks effectively
- Integrate cloud security solutions with security tools
- Communicate security risks and support incident response/remediation activities
- Document & communicate existing and new cloud security standards
- Serve as trusted advisor in evaluating and recommending existing (as well as future) security tools
EDUCATION, TRAINING, AND PROFESSIONAL EXPERIENCE
- 7+ years of experience in information security, preferably in a medium to large software product company (3+ years if applicant has bachelors degree or higher in a technical field such as computer science)
- Prior experience with cloud technologies, web application security and containerization (preferably Azure and Kubernetes)
- Prior experience with maintaining & utilizing an enterprise vulnerability management system (Tenable, Qualys, etc.)
- Prior experience with maintaining & utilizing logging, monitoring & security analytics solutions such as SIEM solutions, IDS/IPS solutions, Azure Security Center, etc.
- Prior basic experience with a scripting language such as Python, Bash, Perl, Go etc.
- Familiarity with SSO and IAM technologies (to include OKTA, Azure Active Directory, etc)
- Competency in cloud environments (preferably Azure)
- Basic understanding of enterprise networking concepts
- Strong understanding of encryption systems and algorithms
LICENSURES AND CERTIFICATIONS
- Vendor neutral cloud, offensive security and web application security certifications preferred: CCSP, CSSLP, OSCP, OSWE, OSCE, Azure AZ-500, eJPT, eWPT, eWPTx, eCPPT, eWDP, relevant SANS certifications, etc
At Bright Health, we brought together the brightest minds from the health care industry and consumer technology and together we created Bright Health: a new, brighter approach to healthcare, built for individuals. Our plans are easy to manage, personalized and more affordable, giving people the quality care they deserve. Through our exclusive care partnerships with leading health systems in local communities we are reshaping how people and physicians achieve better health together.
Bright Health is tripling its footprint in 2019 to offer a variety of health insurance plans to more individuals. Bright Health operates health insurance offerings across Individual and Family Plan segments and the Medicare Advantage space in Alabama, Arizona, Colorado, Ohio, New York and Tennessee.
We’re Making Healthcare Right. Together.
We've won some fun awards like: Great Places to Work, Modern Healthcare, Forbes, etc. But more than anything, we're a group of people who are really dedicated to our mission in healthcare. Come join our growing team!
As an Equal Opportunity Employer, we welcome and employ a diverse employee group committed to meeting the needs of Bright Health, our consumers, and the communities we serve. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.