Sr. DevOps Security Engineer
LOCATION: Santa Monica, CA
TITLE: Sr. DevOps Security Engineer
REPORTS TO: VP, DevSecOps
As an integral part of the operations team, the Sr. DevOps Security Engineer is passionate about security and wants to have a meaningful impact within the Healthcare space. This individual will be part of a team charged with making sure TigerConnect is secure and stays at the top level of security and reliability in the industry. Join us and help manage/secure our AWS hosted infrastructure. Responsibilities will include hands-on security management, monitoring, discovery, and remediation of all security related issues while working cross functionally with other departments on company-wide initiatives and compliance.
The Sr. DevOps Security Engineer will have at least 5+ years of commercial experience as a Security Engineer (including at least 3 years of current commercial experience as a DevOps Engineer) with specific focus on public cloud infrastructure, multi-tenant enterprise software security, compliance programs (HIPAA/HiTrust/FedRamp), and supporting production 24x7 highly available infrastructure with a DevOps mindset.
The ideal candidate's background will include a strong emphasis on information security, infrastructure as code/automation, public cloud infrastructure, compliance, secure software development, and other security best practices.
What You'll Own:
- Contribute to the design and integration of cyber security toolsets to enable more automated discovery, remediation, and alerting of system vulnerabilities.
- Architect and integrate security tools into the CI/CD pipeline.
- Architect, manage, and remediate findings from security tools, pen test reports, and compliance requirements.
- Manage and maintain compliance and certifications (existing and new).
- Help select and manage relationships with security vendors and partners.
- Analyze and respond to production security notifications in a timely manner.
- Foster DevSecOps culture and advocate for a security-first mindset amongst Security, QA, Development, and DevOps teams.
- Deploying web and service-based applications in multiple instances of our PaaS.
- Continually research, evaluate, and apply emerging technologies to improve security and the products.
- Provide technical oversight to the development process including reviewing the technical design and the deployment architecture.
- Work cross functionally with all departments to assist with security related issues as it relates to engineering, client care, and sales teams.
- Willingness to take ownership, troubleshoot hands-on, and be on-call for security issues in a 24/7 environment.
What You've Accomplished:
- Experience in monitoring and responding to security events
- Proven track record of creating secure cloud architectures for mission critical Internet-facing applications.
- Expertise implementing and maintaining compliance (HIPAA, HI-TRUST, FEDRAMP)
- Experience with build-time dependency management, unit testing and code-coverage tools, test automation techniques and tools.
- Experience and understanding of microservices architecture, design patterns, and secure software development methodologies.
- Experience building and managing infrastructure-as-code including automation/scripting tools and languages.
- Experience in DevOps culture and the ability to teach and profess is highly desired.
- Ability to communicate security and risk-related concepts to technical and nontechnical audiences at both the executive and working level.
What You Bring to the Table:
- Background in monitoring and securing cloud environments
- Linux and configuration management tools (Chef and Terraform)
- Strong public cloud experience (AWS)
- Security certifications are a plus (CCSP, CISSP, AWS Security)
- Security policy development, implementation and enforcement.
- Integrating security into a CI/CD pipeline
- SSL certificate and key management policies
- Scripting in either Python, Ruby, or Bash.
Who We Are:
TigerConnect is healthcare’s most widely adopted communication platform – uniquely modernizing care collaboration among doctors, nurses, care teams, and patients. TigerConnect is the only solution that combines a consumer-like user experience for both clinical and patient communication with serious security, privacy, and clinical workflow requirements that today’s healthcare organizations demand. TigerConnect accelerates productivity, reduces costs, and improves patient outcomes.
Trusted by more than 6,000 healthcare organizations, TigerConnect maintains 99.99% verifiable uptime and processes more than 10 million messages each day.
It is recognized as a top Cyber Security Company to Know, one of the 5 Sizzling Silicon Beach Startups to Watch by Entrepreneur, Best Tech Startups in Santa Monica (2019 & 2020) and a Best Places to Work in Healthcare 5 years in a row (2015, 2016, 2017, 2018, and 2019). TigerConnect currently has over 150 employees with offices in Santa Monica, San Jose, and Shanghai.
Why We’re Different:
- Prime office space in the major tech ecosystems of California - Silicon Beach and Silicon Valley - each complete with a loaded fridge and tons of other perks (think rock climbing wall, food trucks, yoga, happy hours & more)
- An opportunity to work closely with a proven executive team, board, and serial entrepreneurs (www.tigerconnect.com/about)
- A fun environment that embraces a “work hard-play hard” culture
- We have team members that love what they do and are willing to go the extra mile to help clients, support the company's rapid growth, and ultimately optimize healthcare workflows
- This is a full time opportunity with a competitive salary, medical benefits, and 401K matching plan
TigerConnect is an Equal Opportunity Employer.
*Recruiting firms that submit resumes to TigerConnect without first entering into a written contract with TigerConnect will not be entitled to any compensation on candidates referred by that firm.