Senior Security Engineer

 

Description:

At Collective Health, we’re transforming how employers and their people engage with their health benefits by seamlessly integrating cutting-edge technology, compassionate service, and world-class user experience design.

You’ll lead initiatives that address the company’s—and some of our industry’s—most sophisticated and meaningful security engineering challenges. You will build relationships across all parts of the business and drive multi-functional initiatives to continuously improve our security and privacy posture. You will be responsible for building and implementing controls that can scale and optimize as we move into a context-aware security environment.

What You'll Do
 

  • Secure AI products and internal tools by assessing security and privacy risks
  • Conduct secure design reviews and threat modeling to instill security best practices
  • Work with cross-functional teams to implement and maintain identity and access management (IAM) policies and controls within our Service-Oriented Architecture
  • Design and operate a robust Public Key Infrastructure (PKI) to ensure secure authentication and encryption across the organization's systems
  • Develop secure by default infrastructure using technologies such as Terraform and Kubernetes
  • Support the vulnerability management program and prioritize vulnerability fixes
  • Perform compliance tasks related to security controls, audits, and reporting
  • Oversee the weekly organization wide security newsletter
  • Be agile to work across multiple security domains and tackle projects that are critical to maintaining risk to the organization
     

To Be Successful In This Role, You'll Need
 

  • 5+ years as a Security Engineer
  • Proven leadership in risk assessment and threat modeling
  • Excellent communication for technical concepts to all stakeholders
  • Solid grasp of Identity Access Management lifecycle (Okta preferred)
  • In-depth knowledge: PKI architecture, CAs, certificate lifecycle tools
  • Experience securing cloud (AWS, GCP) and Kubernetes
  • Understanding common security flaws (OWASP Top 10, CIS Benchmarks)
  • Familiarity with HIPAA, HITRUST, related healthcare data security rules

Organization Collective Health
Industry IT / Telecom / Software Jobs
Occupational Category Senior Security Engineer
Job Location New York,USA
Shift Type Morning
Job Type Full Time
Gender No Preference
Career Level Experienced Professional
Experience 5 Years
Posted at 2025-06-24 1:01 pm
Expires on 2026-01-12