Security Engineer (AWS Cloud and Infrastructure)

Remote
Engineering – Security
Full Time
Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology. At Redox, security comes first as patients depend on our systems to be secure, available and reliable. The security team partners with every team in our business to make that happen.

We’re looking for a person who will take on securing our cloud (AWS) based production environment. The scope of this program includes our cloud systems, production network (VPCs), base platform images (Ubuntu & Docker) as well as our orchestration, and deployment pipeline (Kubernetes, etc.).

Security Engineer (Cloud and Infrastructure) is a critical role at Redox. To be successful in this role you will need to have a vision for what this program should look like and design capabilities which scale as the team and company grow. You can be based anywhere in the US. (See “Work Anywhere” below)

Job Responsibilities

    • Be an active voice in our small, focused security team as the primary engineer responsible for Cloud & Infrastructure Security
    • Define the secure baseline and secure configuration required for production systems at Redox
    • Approach securing our company pragmatically, empathizing with engineers and developers to understand their needs.
    • Communicate issues and progress on complex problems in terms easily understood by stakeholders
    • Build scalable systems which enforce and monitor compliance with your secure baseline, rectify issues automatically and alert on problematic systems.
    • Support and build valuable training activities which uplift employee awareness and responses to security threats.
    • Monitor, report and seek to address security vulnerabilities in production.
    • Maximize security impact and reduce risk while minimizing the negative impact on our businesses velocity.
    • Mentor and guide engineering teams on best practices for keeping our production systems secure.
    • Own a platform to distill production security information (Events, Logs etc) into an actionable alerting platform.

Required Skills and Experience

    • Knowledge of current threats and risks, how to detect them, how to build controls to stop them and how to create awareness of them. Such as cloud account takeovers, credential leakage, improper cloud configuration etc
    • Proficiency in cloud technologies and hands-on securing of AWS environments including detailed experience with AWS Organizations, VPC, Security Groups, CloudTrail, IAM etc)
    • Ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders.
    • Experience securing Linux/Ubuntu, Docker, Kubernetes.
    • Knowledge of the OSI Security model and how it applies when securing networks and hosts.
    • Development experience sufficient to automate repetitive tasks and scale your impact.
    • Experience securing networks and infrastructure through firewall design, network segmentation and access (VPNs etc)

Benefits

    • We provide benefits that allow you to live life by your own design. Redox employees enjoy unmatched autonomy in their work and the support to live a balanced life.  We trust you know what you need to be happy, at work and at home.

    • Tackle Challenging Problems Everyday. There is no roadmap for what we are building, so you’ll have the backing and support of talented engineers and security practitioners to make sure you have what you need to be successful.
    • Work Anywhere. (Within the US) We want to have the best people at Redox - no matter where you call home.  All Redox employees are encouraged to live and work wherever they're happiest. All you need is power, wifi, and a computer and you’re good to go. We also run a number of co-located working spaces across many US cities if you prefer an office environment.
    • Flexible Working. Take a trip somewhere fun, stay home to recover from being sick, or have a staycation to unplug and recharge. Our best work happens when we feel fresh and inspired. We leave it up to you to decide when you need to take breaks and encourage you to make time for adventure and discovery.
    • Health & Dental from Day 1. Working in healthcare makes you understand all the challenges life can throw at you. Your health and dental coverage starts when you do to make sure you're always covered.  We provide health and dental insurance for employees, spouses, domestic partners, and dependents, as well as life and disability insurance.
    • Parental Leave. As your family grows, it’s important that you’re there and have time to figure out what your family’s new norm is.  You can take 12 weeks of paid time off within the first year of your new addition arriving. We know that they need you and we have your back.
    • Productivity Fund. We want you to be able to set up a workspace that allows you to perform at your very best.  All Redox employees receive an annual discretionary stipend so you can select what helps you be productive.  
    • 401k. We offer an optional, customizable and flexible 401k plan for you to plan for your financial future on your terms.
About Redox
Healthcare is a 3.5 trillion-dollar industry in the US alone. Sadly, healthcare has been a laggard in realizing the benefits of technology and is overripe for disruption. A primary roadblock that is inhibiting innovation is an inability to integrate innovative software applications with a hospital’s Electronic Health Records system (EHR). Redox solves this foundational problem by providing an elegant, cost-effective, secure and highly-scalable platform that eliminates these technical barriers.

Since Redox’s founding in 2014, thousands of healthcare developers have built on Redox’s API platform and Health Systems are using the Redox platform to do everything from turning on new cloud-based applications to exchanging data with affiliated facilities. Redox has connected hundreds of applications at Health Systems across the country, with robust capabilities for integrating into 30+ EHRs including Epic, Cerner, McKesson, AllScripts, and Athena.

For more information on how we think about adding members to our engineering team, check out this blog post.