Key skills
AWS servicesSecurity engineeringCompliance frameworksTypeScriptRisk assessmentPrioritizationContext switchingAttention to detailAWSServerlessCI/CD
About this role
Stedi is the world's only programmable healthcare clearinghouse, providing modern API interfaces for healthcare transactions. They are seeking an experienced Security Engineer to manage AWS infrastructure and ensure compliance with industry standards while collaborating with engineering teams to enhance security practices.
Responsibilities:
- Develop playbooks and address security-related tasks in our AWS serverless environments
- Drive improvements in our broader security posture, including application security, endpoint security, access management / just-in-time access, email and web gateways, browser security, and data loss prevention
- Collaborate with product engineering teams to raise the bar for security, supporting CI/CD pipelines, dependency management, and secure application design reviews
- Help secure and improve our AWS organization using infrastructure as code (CDK), enforcing security controls, and ensuring strong tenant isolation
- Continuously assess vulnerabilities and perform regular risk assessments
Requirements:
- 4+ years of experience in engineering, working as a security engineer or in security-adjacent roles
- Familiarity with compliance frameworks such as SOC, HIPAA, and/or HITRUST
- 4+ years working with AWS services, including compliance and governance services like AWS Organizations, AWS CloudTrail, AWS Config, Security Hub, and GuardDuty
- Proficiency in TypeScript
- Ability to prioritize your work based on the needs of the business and the customers
- High bandwidth; thoughtful attention to many areas simultaneously
- Ability to context switch throughout the course of the day or week as priorities shift
- Philosophical alignment with the Stedi Standards and the Unwritten laws of engineering