Security Engineer, Infrastructure Protection

Seattle, WA
Technology – Engineering
At 98point6, our mission is bringing technology and medicine together to reinvent healthcare. You’ll collaborate with multiple teams, work across disciplines and encounter and conquer many challenges. Each day you’ll be working towards profoundly transforming healthcare.

Your role and impact

As a dedicated security engineer, you’ll craft our security program and infrastructure. You will work with SaaS-based systems that handle federally protected health information; systems which always must be available for our patients, clinical operators and doctors. You will design and implement controls to address real world threats and risks to create a secure experience for everyone who uses our services.


    • Lead the design, architecture and implementation of security safeguards for 98point6 systems, networks and services
    • Conduct perpetual security risk assessment to identify threats and risk treatment plans to continually improve system hardening
    • Collaborate with product and engineering teams to ensure security requirements are embedded in our software, infrastructure designs and development processes
    • Conduct periodic internal security audits as well as support third-party security audits to verify effectiveness and compliance  
    • Provide security and privacy incident response, root cause analysis and corrective action plans to prevent recurrence
    • Develop and manage a continuous security awareness learning program for the 98point6 team
    • Complete security assessments to facilitate the contracting process with commercial customers
    • Lead efforts to obtain or renew SOC 2 audits and ISO 27001 certifications
    • Develop and measure key metrics related to the security program


    • BA/BS in computer science/engineering or professional certification in information security and/or cloud technology (e.g. CISSP, CISA, CISM, GSEC, ITIL, AWS)
    • Experience with security threat modeling, risk management and system security monitoring
    • Experience with security incident response and root cause analysis
    • Experience with business continuity and disaster recovery planning and testing in a SaaS environment
    • Experience with coding or scripting for automation in Java, Python, Ruby or similar
    • Experience securing AWS infrastructure
    • Excellent written and oral communication skills, including an ability to author policies, procedures and training content

Preferred Qualifications

    • 5+ years of professional experience in systems engineering or a DevOps environment
    • Experience working in a healthcare regulated environment and implementing security standards like HIPAA and NIST 800-53
    • Experience managing security audits (both internal and third party)
    • Excellent understanding of Linux fundamentals and TCP/IP networking, architecture and core technologies (such as DNS, DHCP, HTTP, Routing, VPN)
98point6 provides equal employment opportunities to all without regard to race, color, religion, sex (including sexual orientation or gender identity), national origin, age, disability, genetic information or other protected status.