Information Security Engineer
Share
Job Location:
Austin, TX - USA
Monthly Salary:
Not Disclosed
Posted on:
29 days ago
Vacancies:
1 Vacancy
Job Summary
Everlywell is a digital health company pioneering the next generation of biomarker intelligencecombining AI-powered technology with human insight to deliver personalized actionable health answers. We transform complex biomarker data into life-changing insightsseamlessly integrating advanced diagnostics virtual care and patient engagement to reshape how and where health happens.
Over the past decade Everlywell has delivered close to 1 billion personalized health insights transforming care for 60 million people and powering hundreds of enterprise 2024 alone an estimated 1 in 86 U.S. households received an Everlywell test solidifying our spot as the #1 at-home testing brand in the country. And were just getting started. Fueled by AI and built for scale were breaking down barriers closing care gaps and unlocking a more connected healthcare experience that is smarter faster and more personalized.
As a member of the security team at Everlywell you will have the opportunity to shape the security detection operations and incident response processes. You will research and discover the latest threats on product cloud infrastructure workloads containers and develop methods queries and dashboards to detect and visualize events of interest. You will develop incident response playbooks to allow quick resolution of identified security ll work across many teams including infrastructure engineering product compliance and across multiple streams. Were looking for someone that has deep technical expertise in threat detection incident root cause analysis querying and alerting using SIEM systems automation AWS cloud and the experience to join a fast-paced growing team tackling challenging problems at scale.
What Youll Do:
- Threat Detection: Its important to detect security incidents before they cause material damage to the business. You will detect attacks and prioritize analyze and drive alerts to the event an alert is identified as a security incident you will kick off
- Incident ResponseIncident Response: You will rapidly scope contain and eradicate threats minimizing financial legal business and content losses. Services include but are not limited to root-cause analysis memory and disk forensics reverse engineering network containment threat eradication and postmortems. You will also develop and refine processes plans and procedures and partner closely with Legal Comms and other stakeholders across the business.
- Design and carry out security incident preparedness activities such as compromise assessments and tabletop exercises and conduct training and awareness sessions for relevant staff.
- Deploy and support tools to collect and correlate security telemetry. Tooling includes Network Detection and Response SIEM Endpoint Detection and Response Threat Intelligence platforms and Security Orchestration Automation and Response tools.
- Design and implement security controls across cloud network and application layers.
- Drive the adoption of best practices for security through the SDLC
- Build automated guardrails to enhance the security of our applications
- Automate vulnerability management secrets management and patching.
- AI first mindset for building out Security Automations and Threat Detection
- Educate the engineering team on defensive coding
- Support HIPAA HITRUST and SOC2 compliance efforts.
- Work with Privacy and Compliance to document and monitor our security practices.
- Partner with product engineering teams on secure cloud development practices and build security automation into CI/CD pipelines
- Improve vulnerability management processes and security control maintenanceCollaborate with senior leaders to assess near-term and long-term security needs.
- Collaborate with senior leaders to assess near-term and long-term security needs.
Who You Are:
- Naturally curious and interested in security and privacy
- Comfortable engaging with departments outside of engineering to heighten security
- Experience with vulnerabilities exploits and their defenses
- Can balance articulating the big picture and details depending on the audience
- Eager and excited to evangelize security
- Knowledge of Cybersecurity Frameworks: HITRUST NIST ISO
- Collaborates well with cross functional team members: product compliance privacy and engineering in a fast paced regularly changing environment
- Is most comfortable when theres too much to do and can juggle a variety of tasks
- Everyone knows that when you take on a task whether its huge and scary or tiny and boring youre going to see it through
What Youve Done
- BS (or equivalent) in Computer Science Software Engineering or related field.
- 5 years of Experience with Cloud security (AWS Azure etc.)
- Experience with secure SDLC best practices
- Understanding of authentication protocols and frameworks (OAuth SSO/SAML OpenID etc.)
- DevOps and configuration management with tools like Terraform Ansible etc.
- Conversant with REST and/or GraphQL
- Experience with Zero-Trust architectures.
- Familiarity with common security tools: SIEM EDR vulnerability scanning and secrets management.
- Juggled a variety of different responsibilities
- Influenced or inspired cross functional teams to take action around security
- Advanced programming experience (Ruby Python Golang Bash etc)
- At least one of the following or equivalent certifications:
- Security (CompTIA)
- Network (CompTIA)
- Microsoft Security Compliance and Identity Fundamentals (SC-900)
- Microsoft Azure Fundamentals (AZ-900)
- AWS Cloud Practitioner
- AWS Security Specialty
- ISSP
Key Skills
- International Development
- Access Control System
- Finance Control
- Informatica
- Information Technology Sales
- Asp.Net MVC
About Company
Home health testing has never been easier. Order at-home tests directly to your door and get your results online within days.
