Infrastructure Security, Team Lead
Company profile:
Flatiron Health is a leading healthcare technology and services company focused on improving oncology patient care and accelerating cancer research. Our products connect community oncologists, academics, hospitals, life science researchers, and regulators on a shared technology platform. We work with both community oncologists and life sciences customers to see how the billions of data points on cancer patients can generate meaningful real-world evidence, and also accelerate clinical trials.
Flatiron believes that we can learn from the experience of every patient.
Every customer places a tremendous amount of trust in us to properly secure their medical information. The Infrastructure Security team is a crucial pillar in maintaining our commitment to a best-in-class information security program.
About you:
The ideal candidate will have mid to strong competency in each of the domains below and expert competency in at least one of them. The main purpose of this role is to understand how all of the pieces of our organization and infrastructure fit together, and prioritize them in a threat model in the context of healthcare technology. Candidates should have the appropriate leadership capabilities to develop road maps for overall infrastructure security strategy and to develop key performance indicators (KPIs) that track the security posture of specific areas and concerns over time.
About the role:
This role is responsible for working with internal and external stakeholders across the organization as appropriate. This role will lead junior and senior Infrastructure Security Engineers to drive the mission and goals of the team. This role will work closely with the heads of the Governance, Risk and Compliance; Incident Detection and Response; Product Security; Systems Operations; and Information Technology teams. This role will also involve hands-on-keyboard technical work.
Domains of expertise:
- AWS Cloud:
  - AWS security controls, IAM, S3 buckets, Security Groups, VPCs, telemetry sources
- Endpoint:
  - Selection and technical ownership of the infrastructure behind prevention, detection & visibility of attacks targeting Mac and Windows.
- Network:
  - TCP/IP, DNS, Intrusion Detection/Prevention Systems, PCAP & NetFlow analysis
- Threat Modeling:
  - In-depth knowledge of the attacker life cycle & industry models such as the Kill Chain or MITRE ATT&CK Framework. Ability to prioritize and make risk-based decisions under multiple technological and organizational constraints, and to apply these concepts to the unique healthcare technology space in which Flatiron operates.
Technology platforms leveraged by team:
- AWS
- Ansible
- Google Enterprise Apps suite (With authorization handled by underlying Microsoft Active Directory)
- 2 Factor auth
- EDR/AV
- Next Gen Firewall / VPN / Wifi
- Splunk
- Automation & Orchestration Platform
- Mac Laptops
- Win10 laptops
- Linux / Windows Servers
- General automation skill set/ability to efficiently set up automated workflows