Company:The mission of Well ( is to transform healthcare through our unique impact on our members' health and happiness. We do this through our differentiated consumer experience and world-class data and analytics engine that drive engagement and behavior change. Our product a consumer health engagement platform integrates concierge services, behavioral health, telemedicine, care management and wellness services to drive sustained engagement, lower costs and improve the health of members. In addition to our product, we know our team makes us unique. We re a highly diverse and engaged organization whose employees are passionate about the mission of the company and whose management is passionate about the employees. We promote an employee- and member-centric culture with generous benefits, which you can learn more about here:
Position Title: Senior Security Engineer
Reporting To: Principal DevOps Engineer
Location: Chapel Hill, NC; Minneapolis, MN; Boston, MA (Newton Office); New York, NY
Compensation Information: This role can be hired for at either the Senior Security Engineer 3 ($135,000-$150,000) or Senior Security Engineer 4 ($150,000-$170,000) range
Position Summary:
In this role, you ll be responsible for maintaining and improving Well s security posture in several areas: cloud, endpoint, incident response and vulnerability management.
As a key member of our Dev and Cloud Ops Software Engineering team, you will play a crucial role in enabling the business to achieve its goals by implementing innovative cloud-native infrastructure for development, data, product, and AI platforms. Your primary focus will be to ensure operational support for our customers through the delivery of first-class products. You will work in a dynamic team, collaborating with the DevOps Team Lead and Principal Architect to build and maintain secure enterprise-wide cloud environments that meet the stringent security requirements of a HIPAA/HITECH/HITRUST environment. Utilizing modern cloud technologies and services, you will help create a stable and well-maintained set of cloud environments to support complex web and mobile properties.
Key Responsibilities:
- Provide recommendations and implement security layout and architecture of a system or network with required security tools and existing tool functionality
- Iteratively improve security posture of Well s public cloud infrastructure (AWS, GCP, Azure)
- Build and maintain secure enterprise-wide cloud environments using terraform that deliver the necessary business functionality for internal and external stakeholders.
- Provide guidance and partnership to Engineering teams to guide analysis and management of security vulnerabilities
- Support hundreds of services and data stores in a microservice architecture, automating and operationalizing all aspects of cloud environment creation and maintenance.
- Collaborate with key engineering, operational, and business stakeholders to build secure cloud services utilizing containerization, serverless, and streaming technologies.
- Break high-level requirements down into manageable tasks for yourself and others, working closely with the Team Lead to achieve project milestones.
- Participate in cloud engineering activities, including CI/CD tooling build-out, selection of serverless frameworks, data storage architecture, automated testing frameworks, development best practices, and debugging/application monitoring solutions.
- Experiment and develop novel solutions to complex problems, contributing to a culture of innovation.
- Ensure compliance with information security best practices to meet all regulatory requirements.
- Recommend and implement improvements to IT policies to foster an agile and innovative culture.
- Implement proper monitoring and redundancy solutions to ensure the reliability required by the business and its products, utilizing modern SaaS-based solutions.
- Analyze incidents and quality of service to improve support processes over time.
- Take personal responsibility for the security and safety of all Well systems and data, including sensitive member data, in accordance with Well data and security policies and HIPAA guidelines.
Qualifications:
- Bachelor s degree in engineering or science, or equivalent experience
- 5+ years of experience in DevOps or Cloud Ops engineering
- Proven experience with vulnerability scans, scanning tools, assessments, remediation
- Familiarity with security frameworks and standards knowledge
- Experience with Cloud Control Matrix and CIS benchmarks for gap assessment and defining requirements
- Familiarity with operational and security incident response processes
- Credibility from a technology perspective, including recent projects, solutions, and build-out examples
- Experience in event-driven and distributed services
- Knowledgeable in AWS
- Experience in Azure and GCP
- Proficiency in programming languages such as Python, JavaScript or Golang.
- Familiarity with AWS cloud services
- Familiarity with Jira or another ticketing tool to track work
- Experience in high-security cloud infrastructure
- An innovative mindset with a passion for learning and staying up-to-date with industry trends.
- Outstanding verbal and written communication skills, including the ability to make formal presentations to all levels of management
- Demonstrated collaborative style, with the ability to influence diverse teams and build strong relationships across various internal stakeholders and constituents
Additional Job Information
Well is on a mission to redefine the healthcare experience. This is an opportunity to re-shape healthcare for America. We are developing solutions to improve the quality and affordability of healthcare. We welcome team members who are passionate about that mission. We embrace diversity and are committed to building an inclusive team.
Well is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.