Information Security Engineer
Sidecar Health is redefining health insurance. Our mission is to make excellent healthcare affordable and attainable for everyone. We know that to accomplish this lofty mission, we need driven people who will make things happen.
The passionate people who make up Sidecar Health’s team come from all over, with backgrounds as tech leaders, policy makers, healthcare professionals, and beyond. And they all have one thing in common—the desire to fix a broken system and make it more personalized, affordable, and transparent.
Sidecar Health has raised more than $175M from top-tier investors. The company is currently valued at over $1B—and growing quickly. Our membership has increased sharply in the two short years we’ve been on the market, and we’re poised for rapid growth over the coming year.
If you want to use your talents to transform healthcare in the United States, come join us!
About the Role
You will have the opportunity to be part of an exciting and growing Information Security and IT team. Our ideal candidate will have security engineering experience to support the design, implementation and operations of the corporate office and cloud networks in addition to various security tools to keep Sidecar Health and its members safe. The Information Security Engineer will report to the Manager of Information Security.
This position can be remote in the U.S.; however, the normal working hours will be aligned close with HQ’s California hours.
What You'll Do
- As a member of the information security and IT team you will support protecting Sidecar Health and its members from cyber threats.
- Partner with supporting teams (IT, Risk and Compliance, DevOps, Engineering, Product, et al) and be the subject matter expert for architecture principles and standards.
- Automate the continuous review process of logs, cyber threats, and vulnerabilities; Implement monitoring to detect security issues and anomalous activity.
- Investigate security incidents and create records on incidents as necessary.
- Develop the process to remediate vulnerabilities per service level agreements.
- Implement single sign-on for applications that support SAML.
- Lead the effort to design systems to meet HIPAA compliance and achieve SOC 2.
- Work directly with the internal technology teams responsible for cloud platforms, ensuring security controls are implemented according to established standards.
- Provide security metrics to measure maturity and ensure goals are met.
- Lead projects and work with outside partners.
- Identify and communicate current and emerging security threats.
What You'll Bring
- Bachelor’s degree from an accredited institution in a related technical field.
- 4+ years of experience in information/cyber security with a focus on cloud security.
- AWS security management experience; understanding of best practices; experience with security tools for AWS configuration management.
- Endpoint security experience: MDM, NGAV, EDR, and MDR, e.g., Intune, Jamf, Microsoft Defender, Carbon Black, CrowdStrike, Red Canary, etc.
- Experience operating DLP and/or CASB.
- Strong understanding of security controls for cloud infrastructure and applications.
- Experience using security vulnerability management tools for patch management, etc.
- Office 365 or Google Enterprise experience.
- Experience using a collaborative tool and ticketing system (e.g., Jira, Confluence, etc.).
- Understanding of networking technologies including wireless.
- Single sign-on experience.
- Excellent analytical and technical skills.
- Effective communicator with both technical and non-technical team members.
- Ability to manage time and prioritize tasks.
Nice to Have
- HIPAA, HITRUST, SOC 2 experience
- IT, security, audit, or related vendor certification, e.g., CISSP, CISM, HCISPP, CHP, CHPS, C|EH, CISA, CRISC, AWS, etc.
What You'll Get
- Competitive salary, bonus opportunity, and equity package
- Comprehensive Medical, Dental, and Vision benefits
- A 401k retirement plan
- Paid vacation and company holidays
- Opportunity to make an impact at a rapidly growing mission-driven company transforming healthcare in the U.S.
Sidecar Health is an Equal Opportunity employer committed to building a diverse team. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status.