Principal Software Engineer (Cloud Security) at PatientPop
PatientPop is a healthcare technology company that helps practices thrive with an all in one practice growth solution. Our platform empowers practices to promote themselves online, attract patients, and retain them for life. We improve every digital touchpoint along the patient journey, so patients can easily find and choose a practice, and become their advocate. We also improve every aspect of a practice’s online presence to help them attract the right patients to their services, and keep them coming back.
We've helped thousands of providers since our founding in 2014. Along the way, we cultivated an incredible work environment.
How you will contribute:
- Develop guidelines for, implement and review security configurations for an AWS based HIPAA compliant SaaS environment
- Develop proactive security monitoring and alerting capabilities
- Build security automation into infrastructure deployment and CI/CD pipelines
- Perform manual and automated compliance, vulnerability and penetration testing
- Demonstrate and promote security best practices
Skills you'll bring:
- Experience securing Linux, container (Docker/ECS/Kubernetes) and lambda based workloads along with AWS services (IAM, EC2, ECS, RDS, S3, KMS, etc.)
- Experience with penetration testing, threat modeling, open source, and commercial security tools
- Knowledge and understanding of CI/CD and automation tools (Jenkins, Ansible, Git, Maven etc.)
- Ability to write code to solve security issues. Writing security tools, or automation/management of security-sensitive environments.
- Deep knowledge of AWS IAM and VPC; how to configure least privileged access.
- Use of tools such as Terraform, CloudFormation, Cloud Custodian for managing security in public cloud environments.
- Use of vulnerability management tools (Tenable, CrowdStrike, Prisma, etc.)
- Hands on experience with SIEM, IDS, IPS and WAF solutions
- Familiarity with security and compliance frameworks such as HIPAA, HITRUST, SOC2, ISO 27001/27013, NIST 800-53
- General understanding of common web application deployment models and components
- You’re curious, love to learn and to dig into new technologies, and can pick them up quickly
- You demonstrate strong technical architecture and platform engineering skills along with the ability to switch between technology paradigms
- You’re a go-getter and seek ownership of projects with the demonstrated ability to deliver results
- You love working with some of the best world class engineers, product managers and architects
- You strive to excel, innovate and take pride in your work
- Opportunities to host PatientPop talks
- Dog friendly
- Weekly catered lunches
- 100% fully-paid health, dental and vision options
- Stock options
- 401 (k)
- Flexible schedule
- Maternity & Paternity leave
- And many more perks!
We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance.