“Making Healthcare Right. Together.” is the cornerstone of all we do. Our vision is to deliver the best healthcare experience by putting brilliant minds, empathetic hearts and personalized technology to work to create meaningful relationships between our members and Care Partners. To successfully achieve our mission and vision as we operate in a dynamic health care environment, we expect Bright People to embody and uphold our core values in work and interactions, both internal and external: Be Purposeful, Be Authentic, Be Brave, Be Positive, Be Respectful, and Be Accountable.

ABOUT THE ROLE

The Sr. Security Engineer is a member of the Bright Health Information Security Organization and involved in building, maintaining and supporting public cloud security and engineering initiatives. This person will be required to work effectively and seamlessly with our engineering organization’s existing security, engineering and cloud operations.

If you'd like to work with NextGen security technologies like DLP (Data Loss Prevention), EDR (Endpoint Detection & Response), MDM (Mobile Device Management and SIEM (Security Information Event Manager) then this may be the place for you!

YOUR RESPONSIBILITIES:

• Works closely with engineering & SRE teams to build Azure public cloud security controls based upon policies and standards
• Integrates cloud security solutions with security tools
• Documents & communicates existing and new cloud security standards
• Designs and implements cloud native application & platform security controls
• Serves as trusted advisor in evaluating and recommending existing (as well as future) security tools

EDUCATION, TRAINING, AND PROFESSIONAL EXPERIENCE:

• 7+ years of experience in information security, preferably in a medium to large software product company (3+ years if applicant has bachelors degree or higher in a technical field such as computer science)
• Prior experience with cloud technologies, web application security and containerization (preferably Azure and Kubernetes)
• Prior experience with maintaining & utilizing an enterprise vulnerability management system (Tenable, Qualys, etc.)
• Prior experience with maintaining & utilizing logging, monitoring & security analytics solutions such as SIEM solutions, IDS/IPS solutions, Azure Security Center, etc.
• Prior basic experience with a scripting language such as Python, Bash, Perl, Go etc.
• Familiarity with SSO and IAM technologies (to include OKTA, Azure Active Directory, etc)
• Competency in cloud environments (preferably Azure)
• Basic understanding of enterprise networking concepts
• Strong understanding of encryption systems and algorithms

LICENSURES AND CERTIFICATIONS:

• Vendor neutral cloud, offensive security and web application security certifications preferred: CCSP, CSSLP, OSCP, OSWE, OSCE, Azure AZ-500, eJPT, eWPT, eWPTx, eCPPT, eWDP, relevant SANS certifications, etc

 We’re Making Healthcare Right. Together. 

We've won some fun awards like: Great Places to Work, Modern Healthcare, Forbes, etc. But more than anything, we're a group of people who are really dedicated to our mission in healthcare. Come join our growing team!

Check out this great video showcasing just some of the fantastic Technology Team broadcasting from our ATX office!

As an Equal Opportunity Employer, we welcome and employ a diverse employee group committed to meeting the needs of Bright Health, our consumers, and the communities we serve. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

BRIGHT ON!