DevSecOps with NexHealth

San Francisco, US

$175K - 205K a year

We connect patients, doctors, and developers to accelerate healthcare innovation. Our customers range from independent doctors offices like Grand Street Dental to public tech companies like SmileDirectClub. We help doctors modernize their businesses, help developers innovate faster, and help patients receive a modern healthcare experience. We're pursuing a society-changing goal and the market opportunity is open for the taking. We've 5X'd in the last year, and as an early stage employee you will have the chance to make a foundational impact on our company's continued growth.

To date, NexHealth has raised $50M of capital from prominent product-driven investors like Rahul Vohra, Scott Belskey and Naval Ravikant, and we're just getting started.

Engineering at NexHealth

The healthcare industry is highly regulated and fragmented. Patients crave unified access to their healthcare information. Doctors want to modernize the patient experience. Developers want to quickly build and launch new products. To do this, we need to create a multi-faceted product which each of these stakeholders cannot live without.

Our engineering team is building new infrastructure to bolster the healthcare industry. We address complex problems and artfully connect antiquated systems with NexHealth's technology to create a seamless experience for patients, doctors, and developers.

We are looking for a Senior Security Engineer to develop and own the deployment of security patches to our production infrastructure. Success in this role will make all aspects of our engineering team more successful by building up our security around our core infrastructure including monitoring and proactive solutions.

What You'll Do

  • Develop internal tooling for automatic deployment of security patches to our production infrastructure.
  • Build out, test and maintain disaster recovery solutions and tabletop exercises.
  • Own and manage our security vulnerability monitoring and intrusion detection systems. Ensure we are proactively fixing issues raised.
  • Work in tandem with our development teams (code/configuration flaws) to ensure we are addressing security concerns in our architecture and development efforts. Identify and develop tools to improve this process.
  • Develop tools to automate the ongoing security auditing of IAM permissions and other AWS configurations
  • Ensure adherence to all development & security standards across the org
  • Deploy new systems with best practices and security
  • Identify and improve on possible points of failure in the infrastructure/applications
  • Ensure high quality monitoring coverage to prevent alert fatigue
  • Develop self-service processes and tools interactions for development teams
  • Collaborate with development teams around best practices
  • Help build an amazing team!

What You'll Bring

  • Background in Product Security and/or Application Security teams with enterprise and/or cloud applications.
  • Experience with security integrations with 3rd party systems
  • Experience turning feedback from security analysis tools (Amazon Inspector, etc) into infrastructure improvements
  • Experience with containers (ie Docker) and Container Orchestration Systems (ie. Kubernetes), and container security.
  • Experience managing and automating AWS deployments
  • Experience working on crypto primitives, authentication protocols, and authorization standards (ie. SAML, OAuth, SSL/TLS, SAML, OAuth)
  • Experience working with IT and engineering teams to develop security controls across the company
  • Passion for solving challenging problems and iterating quickly
  • Knowledge of information security standards rules and regulations related to information security and data confidentiality (e.g. HIPAA, PCI, DSS, etc.)
  • We're built on Ruby, Python and PostgreSQL. Experience here is desired.
  • B.S. or greater Computer Science or another technical field

NexHealth Values

  • Do what's right for the customer. We believe that our customers are our bosses. This approach unites us as we ruthlessly prioritize our initiatives in the best interest of our customers.
  • Act like an owner. Job titles don't constrain us, and we are energized by going beyond the scope of our immediate role to achieve our goals. We take pride in exceeding expectations and believe we're each responsible for NexHealth's success.
  • Speak your mind (with positive intent). We need to grow really big really quickly in order to take the market and transform the healthcare industry. In order to fully realize our mission, we value direct and transparent communication to get to the truth as quickly as possible - even if that means challenging authority. That said, we don't tolerate brilliant jerks.
  • Think in first principles. Before taking action, we need to ensure we're solving the right problems. We question assumptions and consistently inquire “why” before pursuing solutions.
  • Play to win as a team. We act in the best interests of our customers, which means we need to be champions who hustle and demonstrate grit. In order to win, we play as a team - even if that means putting the group's needs before our individual interests. This is how we succeed together.

Benefits

  • Competitive salary plus equity
  • Full Medical, Dental and Vision
  • Unlimited PTO