Senior DevSecOps Engineer

Posted Apr 3

Redesign Health has recently become aware of the fraudulent use of our name on job postings and via recruiting emails that are illegitimate and not in any way associated with us. Redesign Health will never ask you to provide sensitive personal information as part of the recruiting process, such as your social security number; send you any unsolicited job offers or employment contracts; require any fees, payments or access to any financial accounts; and/or conduct text-only interviews. If you suspect you are being scammed or have been scammed online, you may report the crime to the Federal Bureau of Investigation and obtain more information regarding online scams at the Federal Trade Commission. If you have any questions regarding the authenticity of any communication sent purportedly by on or behalf of Redesign Health, we encourage you to contact us here.

Redesign Health is a proud Equal Opportunity Employer – we recruit, train, compensate and promote our team members based on qualifications. We know how important it is not only to include, but to actively seek out a diversity of opinions and voices.

We want to hear from you regardless of your race, religion, national origin, sex, gender identity, sexual orientation, disability, age, veteran status, or any other applicable legally protected characteristics.

Redesign Health is a company that powers innovation in healthcare. We develop technologies, tools, and insights that lower the barriers to change in healthcare, and provide a platform that enables founders and the broader healthcare ecosystem to build high-quality health solutions at scale. We have powered the launch of over 30 companies to-date, impacting more than ten million lives across many aspects of the healthcare ecosystem including cancer care, teleaudiology, COVID-19 testing, metabolic health and more. We’re on a mission to redesign health for everyone.

About The Job

As a Senior DevSecOps Engineer on our Platform & Data team, you have the unique opportunity to help ensure security is built in from the beginning, not retrofitted. We’re working to build a brand new platform and ensuring robust security measures are built in is one of our core feature sets. You’ll have the ability to help from ensuring we have a fully secure CI/CD pipeline to build and deploy secure and compliant applications to equipping our infrastructure with proper governance and embedded security controls to prevent security loopholes. 

Reporting into the VP of Technology and Security, you’ll be partnering with cross functional teams to establish a strategic path in building out our platform with a shift-left security approach to implement security measures at each and every layer.

If you like working on automated security frameworks, building out a fully secure and compliant cloud infrastructure, we look forward to hearing from you!

What you'll do:

  • Evaluate a myriad of deployment scenarios (cloud, hybrid-cloud), services, models and technology to ensure they are secure and compliant with various industry standards (HIPAA, PII, SOX)
  • Develop and guide technology risk management in collaboration with teams across the company to enable responsive, secure and cost effective solutions
  • Be highly versatile and technical, from heavy network engineering, application security and DevSecOps (Development, Security and Operations)
  • Provide best security guidance to secure a Cloud based Service Mesh environment

What you'll need:

  • 4+ years of experience in cloud / software security experience  
  • 3+ years of software experience in Java/Go/Python or equivalent; ability to write / understand software development, specifically writing modules towards security within a platform or working with third parties for evaluating source code for vulnerability
  • 3+ years of experience securing AWS infrastructure
  • 2+ years of experience with Kubernetes (from a security perspective), working with Large K8s clusters/service mesh enabled, or NetPol with Calico or similar  
  • Experience with security vulnerability assessments and tools (WAF, Inspector, Guarduty, Threat Stack, other IDS/IPS tools, etc.)
  • Experience building and maintaining CI/CD pipelines

What you'll bring to the table:

  • Solid knowledge of SSO methodologies (SAML, AD, LDAP)  
  • Strong understanding of network and security concepts including TCP/IP protocol stack, HTTP, HTTP/2, PKI, SSL, TLS, DTLS, mutual TLS, OAuth, Authentication, Authorization
  • Understanding of application security (mTLS, SPIFFE, General Understanding of HIPAA/SOX/PII/GDPR compliance)

Who you are:

  • Manages Complexity. You ask the right questions to accurately analyze situations and uncover root causes to difficult issues. Through acquiring data from multiple and diverse sources, you are able to make sense of complex, high-quantity, and sometimes contradictory information to solve problems.
  • Drives Results. You persist in accomplishing objectives and exceeding goals despite obstacles and setbacks, while also helping others to achieve results.
  • Collaborates. You work cooperatively with others across the organization to achieve shared objectives, partnering with others to get work done and crediting others for their contributions and accomplishments.

You will work out of one of the following locations:

  • In-office: New York, NY
  • Remote: Alabama, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming

Additional Information

Full-time base salary of $171,000 plus a competitive equity & benefits package listed under the "Why work with us?" section.

What Redesign is all about

Redesign’s mission is to elevate healthcare companies that empower people to live their healthiest lives. To give a sense of what our team is all about, these are the values that guide our work:

  • Redesign healthcare - We bring positive change to patients’ lives
  • Own the outcome - We do the work to get the job done
  • Be trusted partners - We strive to be the teammates and co-founders of choice
  • Champion diverse perspectives - We work to unlock our joint potential
  • Practice kindness - We aim to build bridges, not walls
  • Learn continuously - We focus on constantly growing as individuals and as a team

Why work with us?

We care deeply about your well-being. And we’ve tailored our unique benefits around your wellness. Check out our full range of benefits here, and a few of our highlighted benefits below:

  • Benefits for your physical wellness:
  • Full medical, dental, and vision coverage with no monthly contribution for you and your dependents (for all of our plans!)
  • Quarterly in-home house cleaning
  • $50 a month wellness stipend
  • Benefits for your financial wellness:
  • 401K match
  • Student loan repayment contribution
  • Tax preparation services
  • Benefits for your mental wellness:
  • Unlimited PTO
  • An annual 2-week company-wide winter break
  • 2 month sabbatical after 4 years
  • Reimbursements to Spotify & Headspace
  • Benefits for the wellness of parents:
  • 16 week full paid parental leave
  • Maven Clinic access with $2k lifetime contributions to fertility & adoption services
  • Diaper subscription service & summer camp reimbursement program