|Location||Mountain View / San Francisco|
|Preferred GIAC Certifications||GCIH, GCIA|
HealthTap is delivering universal access to quality, primary healthcare, HealthTap improves the experience for both patients and doctors while saving time and reducing costs for all. HealthTap’s doctor-trained, augmented intelligence system personalizes users’ care and enables an instant connection to doctors and their knowledge from 147 specialties. HealthTap serves its app to employers, insurance companies, health systems, and users around the world. More than 100,000 doctors and 8 million members have trusted HealthTap for immediate access to healthcare.
We believe technology improves, simplifies, and accelerates access to healthcare by guiding consumers toward a more personalized experience, expediting treatment, coordinating care, and freeing doctors to focus on what they do best.
HealthTap is well capitalized, having raised over $88 million. We are backed by an esteemed collection of venture capital firms including Khosla Ventures, Mayfield, Mohr Davidow, and Samsung. Each of these firms is deeply committed to HealthTap and are optimistic about HealthTap’s vision for the future of healthcare.
As our Information Security Engineer, you will help ensure the trusted and optimal operations of our production and corporate computing environments with a cloud forward approach. This position will set up the tools and procedures for our team to monitor the security posture of the company for internal and external risks to our systems, networks, and data. As part of these efforts, you will be responsible for developing and implementing security solutions in concert with various HealthTap teams (to include DevOps, Engineering, IT, HR, etc). Being a cloud forward company, automation and monitoring is key - you will lead the design and development of secure automation practices in an agile framework to support compliance and security for the HealthTap cloud infrastructure at scale, for both production and corporate security infrastructure/efforts. With this focus, you will be key in implementing and managing all of the daily and ongoing information security risk management efforts and programs for HealthTap, to include incident response and security operations. This role reports to our Head of Security and can be located in our Mountain View or San Francisco offices. The expectations of travel are minimal, other than between our Mountain View and San Francisco offices.
• Help implement a capability driven and highly automated approach to our security operations, monitoring & detection, incident response capabilities, and our overall information security risk management program efforts
• Facilitate and embed security controls into our continuous integration and delivery process efforts, baking security into the infrastructure
• Set up monitoring dashboards, alerts, log management, and other security operations capabilities by utilizing industry standard tools and platforms (open source or commercial technologies) with our currently deployed toolsets/platforms
• Ensure our currently deployed toolsets/platforms are deployed and configured optimally with our business needs and risk thresholds in mind
• Monitor for, provide analysis on, and take action on identifying and mitigating risk:
o Current happenings in the information security space.
o Findings from information technology and information security monitoring and detection toolsets.
o Reports from assessments, to include external auditors and penetration testers.
o Alerts and detections from our monitoring tools.
• Conduct analysis on findings, pulling together indicators of compromise (IoCs), event timeline, and summary of situation with recommendations for mitigation and path forward.
• Present evidence and findings to leadership, customers, and possibly law enforcement and legal entities.
• The deployment, secure configuration, and management of our monitoring and detection as well as other security toolsets.
• Documentation and best practices for the team’s efforts.
• Recommendations and best practices for securing our services, networks, and systems.
• Assist in the coding/scripting of automation for information security monitoring and mitigation actions.
• Solve problems relating to critical services and business processes that improve our security risk posture and business processes.
• Ability to monitor, evaluate, and interpret vulnerabilities/CVEs, vulnerability assessments, cloud platform/system/device/IDS/IPS logs, threat analysis, and malware.
• In-depth knowledge on how to administer and effectively manage monitoring and detection systems that are UNIX, Linux, and/or BSD based that are based in AWS.
o Understand security concepts in AWS cloud and familiarity with available AWS security tools, such as Inspector, GuardDuty, Config, CloudTrail, etc.
• Familiar with log management and security analytics tools for AWS, including open source tools such as ELK (ElasticSearch, Logstash, & Kibana), Greylog, etc.
• Experience with integrating security in the continuous integration, continuous delivery, and continuous deployment (CI/CD) pipeline (running unit tests, running security tools, managing secrets using Vault) using configuration management and automation tools such as Jenkins, Chef, Ansible, Puppet, etc.
• Proficiency with using and securing popular cloud services (SAAS, IAAS, etc.).
• In-depth, practical knowledge of how legitimate users administer, use, and secure common operating systems and cloud platforms, and how malicious actors exploit them.
• In-depth knowledge of how legitimate users administer, use, and secure common consumer and enterprise network devices and systems, and how malicious actors exploit them.
• Thorough understanding of computer networking, routing, and protocols.
• Understanding of information security architecture, mitigation of threats, and compensating controls.
• Knowledge of vulnerability and patch management concepts and tools
• Experienced in scripting languages, such as Python, Perl, Ruby, Bash
• Experience with and proven methods for managing the information security incident lifecycle, including incident response, mitigation, after-action reporting, and mapping a path forward.
• Knowledgeable about and able to apply open-source and proprietary information within the industry.
• Excellent oral and written communications skills for working with a diverse professional clientele with varying levels of technical experience. Ability to interact with customers and co-workers both in person and in writing.
• Ability to research highly technical topics and derive logical conclusions using well thought out processes.
• Ability to combine information from various sources into clear, concise technical documents that explain the background and procedures for detecting and mitigating risks.
• Experience with enterprise risk management programs, including internal audits, consulting engagements, information technology reviews, audit, and compliance efforts.
• A willingness and desire to learn.
• Possess and nurture a hacker mentality: Being able to visualize issues and possible solutions outside the box.
• Must be a conscientious, punctual, professional and devoted member of our team; with the ability to safeguard sensitive, restricted, and other information deemed to have special handling and dissemination protocols.
• Highest level of ethics and core values.
• Experience with Regular Expressions (REGEX).
• Effective when working under pressure and good enough to make sure that rarely happens.
• Experience with both RDBMS (MySQL) and NoSQL (Cassandra, Couchbase, Mongo).
• Experience with and proven methods for analyzing and interpreting information from Security Operations Centers (SOCs), Computer Security Incident Response Teams (CSIRTs), or SecOps systems
• Familiarity with digital forensics procedures and tools, malware analysis, and reverse engineering.
• Ability to apply statistics and other mathematical methods to data analysis.
• Bachelor's degree, a combination of experience and/or Associates degree, or an equivalent combination of equivalent education and work experience. Degree must be from an accredited institution, with degree in a technical discipline or significant coursework in software development, information security, or information technology is preferred.
• Having or planning to have SANS certifications is a plus. Examples: GIAC Certified Incident Handler (GCIH), GCIA: GIAC Certified Intrusion Analyst, Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance (CSA). The ability to articulate and demonstrate skills are as or more important than the certification.
• At least five (5) years in Information Technology and/or Information Security, including at least three (3) years doing information security risk management, including intrusion analysis, monitoring and detection, and threat/vulnerability analysis in a cloud forward business environment.
• Casual, contemporary, comfortable offices based in downtown Mountain View (near Stanford) and San Francisco (near Jackson Square)
• Caring for our team with fantastic benefits
o Competitive salary
o Full medical, dental, and vision coverage
o Daily catered lunches
o Healthy snacks and beverages
o Equity share
o Subsidized gym memberships
o Choice of technology
o Dog-friendly offices
o Much more...