Cityblock Health is the first tech-driven provider for communities with complex needs-bringing better care to where it's needed most, block by block. Founded in 2017 on the premise that "health is local" and based in Brooklyn, we are backed by Alphabet's Sidewalk Labs along with some of the top healthcare investors in the country.
Our mission is to improve the health of underserved communities. Importantly, our solutions are designed specifically for Medicaid and lower-income Medicare beneficiaries, and we meet our members where they are, bringing care into the home and neighborhoods through our community-based care teams and Virtual Care offerings.
In close collaboration with community-based organizations, local providers, and leading health plans, we are reorganizing the health system to focus on what matters to our members. Equipped with world-class, custom care delivery technology, we deliver personalized primary care, behavioral health, and social services to deliver a radically better experience of care for every member and community we serve.
Over the next year, we'll grow quickly to bring better care to many more members and their communities. To do this, we need people who, like us, believe that everyone should have good care for what matters to them, in their community.
Our work is grounded in a belief in the power of a diverse community. To close gaps in care and advance equity in the communities we serve, we have to start with making our own team diverse and inclusive. Our ways of working are characterized by creativity, collaboration, and mutual learning that comes from bringing together a community from diverse backgrounds and perspectives. We strive to ensure that every person on the Cityblock team, and every Cityblock member, feels supported and included as a part of our community.
- Aim for Understanding
- Be All In
- Bring Your Whole Self
- Lean Into Discomfort
- Put Members First
About the Role:
Cityblock is hiring for a passionate Cloud Security Engineer, someone who loves the world of cybersecurity and how their skills can help protect our Members' data.
The ideal candidate would have 5 years of hands-on systems experience, including architecting, deploying and securing cloud-based environments. Candidate should be a problem solver, able to identify areas for improvement and recommend innovation solutions leveraging the latest technologies.
The Cloud Security Engineer will be responsible for designing and delivering security solutions in Cloud infrastructure based on Cloud security standards, governance, and control practices. Conducts technical research when necessary to contribute to setting cloud security direction and strategy. Expert Knowledge in, Platform as a Service (PaaS), and Software as a Service (SaaS).
Define, communicate and implement security architecture and administration processes for GCP environments. Apply advanced consulting skills, extensive technical expertise, and full industry knowledge. Develop innovative solutions to complex problems. Provide expertise in the analysis, assessment, development and deployment of security solutions and architectures. Act as targeted subject matter expert (SME) for all things GCP security related. You will own the Incident Response program and make it more impactful by finding thoughtful ways to improve its management, analysis and reporting of incidents, and participation.
You must love security analysis and be constantly finding ways to expand your network and certification. You have a strong understanding of industry best practices, like HIPAA and HITECH, and how to effectively weave compliance standards into security protocols. And you really enjoy teaching people what you know about how to keep our Members' data safe.
Your role is critical in helping us support patients in communities hardest hit by COVID-19 through helping our care teams of community health partners, medical staff and social workers to problem-solve for our patients using opinionated information and driving action at a panel-level.
If you're inspired by such a challenge and are an amazing teammate and security analyst, we'd love to hear from you!
Requirements for the Role:
- You have a passion for doing mission-oriented work.
- You enjoy working with a diverse group of people with different expertise.
- You enjoy building and improving risk registers, incident response, and audit programs.
- You are really organized. Other people look to you for inspiration.
- You hold one or more cybersecurity certifications or are on track to acquiring one soon.
- You have working knowledge of HiTrust and how to effectively implement security measures for HIPAA Privacy and Security rules.
- You have an active and growing professional network in cybersecurity.
How We Define Success:
- Build and maintain strong relationships with your collaborators, including Engineering, IT, and Product teams
- Establish and maintain Linux OS hardened images for deployment in GCP
- Use JIRA and other tools to effectively identify, track, and communicate priorities amongst partner teams.
- Improve existing incident response by producing excellent analysis and executing fantastic project management
- Meaningfully plan for the scalability of vulnerability management and remediation activities
- Support internal and external pentesting activities
- Monitor and manage WAF and boundary Firewalls to include rule review and engage in the approval process for exceptions and Firewall changes.
Nice to Have, But Not Required:
- Google Cloud Certified Professional/ Cloud Security Engineer
- Certified Cloud Security Professional (CCSP)
- Expertise in industry best practices for the following
- HITRUST Common Security Framework
- National Institute for Standards and Technology ("NIST")
- NIST Special Publication 800-34 Revision 1 - "Contingency Planning Guide for Federal Information Systems."
- NIST Special Publications 800.53 Rev.4 and 800.171 Rev. 1, or as currently revised
- ISO/ IEC 27001
- Center for Internet Security - http://www.cisecurity.org
- Payment Card Industry/Data Security Standards ("PCI/DSS") - http://www.pcisecuritystandards.org/
What We'd Like From You:
- A resume and/or LinkedIn profile
- A short cover letter, please!
Cityblock values diversity as a core tenet of the work we do and the populations we serve. We are an equal opportunity employer, indiscriminate of race, religion, ethnicity, national origin, citizenship, gender, gender identity, sexual orientation, age, veteran status, disability, genetic information, or any other protected characteristic.
We do not accept unsolicited resumes from outside recruiters/placement agencies. Cityblock will not pay fees associated with resumes presented through unsolicited means.