Lead Infrastructure Security Engineer
Oscar is a health insurance company that is using technology to make quality health insurance more affordable. Every day, we are making a difference in people’s lives. We build intuitive and powerful systems for people who use our insurance, for our staff, and for others in the healthcare ecosystem. Security of these systems is paramount to us. People who use Oscar trust us with their confidential data, and we must honor their trust. We are looking for a passionate infrastructure security leader who is excited to take on significant responsibilities in this goal and help us build a world class security program.
As a Lead Infrastructure Security Engineer, you will lead our infrastructure security efforts, partnering with our cloud and on premise infrastructure engineering teams to enhance the security of our systems and help establish security best-practices. Working as a direct report to our Head of Information Security, you will play a critical role in setting the course for infrastructure security initiatives, making strategic decisions, and building security into our systems and processes.
We believe in idea meritocracy and maintain open communication environment where our team members are encouraged to contribute and where their contributions are valued.
While we are looking for people with domain expertise who could hit the ground running, we encourage our staff to cut across multiple information security disciplines, so that they participate in broader range of projects and grow professionally.
- 4+ years of work experience in infrastructure security roles
- Strong understanding of securing cloud environments
- Strong understanding of hardening the Linux operating system
- Expert knowledge of common infrastructure security vulnerabilities
- Experience with using a scripting and/or programming language (e.g. Python, Go, bash) and the ability to learn new languages
- Ability to recommend and implement best-in-class commercial and open source infrastructure security tools
- Ability to participate in design reviews with an eye for security vulnerabilities
- Ability to create strategic roadmaps for infrastructure security at Oscar and deliver on key results
- Being able to articulate and prioritize security risks related to specific processes
- A willingness to work collaboratively across the team and company
- Experience with infrastructure-as-code
- Experience with AWS and CentOS
- Ability to submit production-quality code changes
- Ability to perform security assessments of third-party infrastructure
- A strong drive to figure out how things work and how to break them
At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we work to cultivate an environment where exceptional people can be their most authentic selves and find both belonging and support. We're on a mission to change healthcare -- an experience made whole by your unique background and perspectives.
Oscar applicants are considered solely based on their qualifications, without regard to applicant’s disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team ([email protected]) to make the need for an accommodation known.
Pay Transparency Policy: Oscar's Pay Transparency Policy ensures that you won't be discharged or discriminated against based on whether you've inquired about, discussed, or disclosed your pay. Read the full policy here.