Security Engineer (Operations) at Cedar
Cedar has built a Cloud-native platform that combines data science and machine learning to connect patients with healthcare providers in a way that helps solve the critical challenges of patient billing and payment. Our technology improves the overall experience of patient billing and engagement, enabling providers to thrive in a rapidly changing environment while helping patients understand the cost of their care. Patients put their trust in Cedar's platform, and so security and availability are an integral part of what we do.
As a Security Engineer focused on operations, you help Cedar understand ground truth about our environment and protect our company against threats new and old: ensuring sensitive data stays where it’s supposed to, that our systems are resilient to attacks and abuse, and that we have the insights to prove to our regulators and partners that we're good stewards of their data.
You'll be hands-on with our AWS infrastructure and codebase, building tools and alerts that provide situational awareness for both our corporate and production environments. As a cloud-native SaaS company, you won’t have many legacy responsibilities: we’re mostly containers and serverless architecture, Slack for coordination, and Mac endpoints, so no time spent securing Windows 2012 Active Directory. You’ll be joining a small security team where you’ll also have the opportunity to contribute to other operational functions. You'll work directly with teams across Cedar to keep the business moving quickly with targeted alerting and minimal noise.
* Cedar is committed to a flexible work environment, so this as well as many of our roles are remote friendly.
- Develop solutions to hunt, detect and respond to security threats in a legacy-free corporate environment
- Work with others to perform threat modeling, research and share threat intelligence specific to Cedar's business
- Build log ingestion pipelines, rules and responses in a mix of SIEM-specific language, scripts and code
- Help the business understand security issues by creating clear dashboards, prioritized rules and response runbooks based on knowledge of threat, risk and business value
- Work cross-functionally to support security-related business needs such as providing expertise to client account managers, coordinating operational incident response, and assuring our security and compliance commitments
Required skills & experience
- 4+ years in security or technology
- Proficient in at least one general purpose programming language (ideally Python)
- Experience with intrusion detection, log analysis, and endpoint detection tools
- Experience with AWS security, CloudTrail and configuration management
- Experience with incident response activities and threat hunting activities
- An understanding of web services, network engineering and Unix system operations
- Comfort balancing a need to get-things-done with repeatable processes and creative flexibility
Preferred Skills & Experience
- Familiarity with macOS endpoints, G Suite and the tools to support them
- Experience owning technical projects end-to-end, from architecture to implementation
- Experience responding to, and improving the processes around, compliance and vendor requests
- A record of participation in the open-source and security communities
- Comfort working with across the organization to explain security needs and propose solutions
What do we offer to the ideal candidate?
- An opportunity to work on a platform that is scaling very rapidly, engaging with millions of patients per year and growing at a rate of 360% YoY as of January 2021
- A chance to join a high-growth company at an early stage
- The ability to impact the growth of our company, we value all comments and suggestions
- Transparency across teams and interaction with multiple departments
- Competitive pay, employer-paid healthcare, stock options
Applicants must be currently authorized to work in the United States on a full-time basis. Cedar will not hire any applicants for Data Engineer who are present in the United States on an F-1 visa