Senior Cloud Security Engineer
About Stellar Health:
Historically, US Healthcare has relied on a fee-for-service reimbursement system where providers are paid based on the quantity of patient visits and procedures, rather than the quality of health outcomes.
At Stellar Health, we help primary care providers put patient health first. Our platform - a mix of technology, people, and analytics - supports providers at the point of care, delivering real-time patient information, activating practice staff, and empowering providers and care teams with incentives that reward the work they are already doing to keep patients healthy. Using the Stellar App, our web-based, point-of-care tool; practices receive a simple checklist of recommended actions that support the best quality care. Providers and care teams are then paid monthly for each action they complete, and Payors save money in reduced healthcare costs along the way.
Stellar is a US-based Health-tech backed by Top VCs (General Atlantic, Point72, & Primary Venture Partners) with an established product & proven operating model. We’ve shown that we make a real difference for physician practices and their patients.
About the position:
Stellar Health is looking for a Senior Cloud Security Engineer to partner with our DevOps, Data, and Engineering teams to design and maintain our Cloud Security program across our internal environment and customer-facing platform. We are looking for an engineer that is passionate about designing a program that prioritizes both threat detection and visibility through monitoring and infrastructure as code to help our Engineering teams categorize risks and threats across Stellar Health’s cloud environments.
- Partner with our DevOps and Engineering teams to determine when and how CI/CD testing is leveraged to validate the configurations and controls of our infrastructure deployments into the cloud (specifically AWS).
- Own Stellar Health's Cloud Security Monitoring program and its priorities around improving visibility and threat detection within our cloud environments.
- Collaborate with our Engineering & Security leadership to ensure our threat model prioritizes the right threats, aligns to leading security practices, and business objectives.
- Drive the prioritization of vulnerability remediation within our cloud infrastructure in our DevOps and Engineering roadmap.
- Worked as a security engineer in a cloud environment, preferably AWS, for at least 3-4 years.
- 1-2 years of direct coding experience either through infrastructure as code or solving security automation problems.
- Passion for researching and building automated processes that help Engineers design secure-by-design cloud infrastructure with only targeted manual security reviews.
- Familiarity with securing and working with compliance teams on regulated data (HIPAA, PCI) or frameworks (HITRUST, FedRAMP, etc.).
- You are a builder and enjoy working with other builders cross-functionally.
- You are a security person that prefers guardrails vs gates.
- You enjoy coaching up and learning from your Engineering partners to strike the right balance between resilience and growth.
- Some projects you will work on could include:
- Work with the DevOps team to refine the automated build process for containers/servers to incorporate vulnerability scanning for base images.
- Design a new monitoring dashboard in our SIEM to enrich the cloud inventory (is this newly deployed container service publicly accessible?).
- Decide the best way to automatically demonstrate that encryption-at-rest is occurring in Stellar’s cloud environment.
At Stellar, we believe in transparency and we do our best to make sure the company and our candidates are on the same page as it relates to compensation. In addition to posting salary ranges for our open roles, candidates should expect to be asked about compensation expectations and requirements early on in their interview process. Our goal is to highlight when expectations and Stellar’s salary range may be out of sync, and work with the candidate to determine whether it makes sense to continue conversations.
We are considering candidates with differing levels of expertise for this position. Leveling will be based upon your experience and performance in the interview process.
Where a new hire falls within a range will be based on their individual skills and experience, and how these competencies compare across other employees in the same role. Stellar's bands are designed to allow for individual compensation growth within the role. As such, new hires typically start at the lower end of the range. Stellar rewards performance and outcomes - should you join the company, you will have the opportunity to grow your salary over time.
- The salary range for a Senior Cloud Security Engineer l is $170,000 - $190,000 and will be eligible for an annual performance based bonus and equity grant
- The salary range for a Senior Cloud Security Engineer ll is $200,000 - $230,000 and will be eligible for an annual performance based bonus and equity grant
Perks & Benefits:
Stellar offers a carefully curated selection of wellness benefits and perks to our employees:
- Medical, Dental and Vision Benefits
- Unlimited PTO (and ask our recruiting team about the ways we make sure employees are actually taking PTO)
- Universal Paid Family Leave, with up to 21 weeks of fully paid leave available to new parents and caregivers
- Company sponsored One Medical memberships and Citibike memberships
- Medical Travel Benefits
- A monthly wellness stipend that gives employees the freedom to choose where they spend their cash, whether it be on wellness, pet care, childcare, WFH items, or charitable donations
- Stock Options & a 401k matching program
- Career development opportunities like Manager Training, coaching, and an internal mobility program
- A broad calendar of company sponsored social events that for our in-office and remote employees
Diversity is the key to our success. Stellar Health is an equal opportunity employer and we are open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, veteran status, or any other legally protected status.
We believe that diverse teams -and the different identities, cultures, and life experiences our team members bring to the table- enable us to create amazing products, find creative solutions to interesting problems, and build an inclusive working environment.
At Stellar Health, your privacy and security as a job seeker is a priority no matter where you are in the interview process. As recruiting scams have become more prevalent, please take note of the following practices to ensure the legitimacy of any interaction with our team.
- Please note that any communication from our recruiters and hiring managers at Stellar Health about a job opportunity will only be made by a Stellar Health employee with an @stellar.health email address.
- Stellar Health does not utilize third-party agencies for recruitment services and does not conduct text message or chat-based interviews. Any other email addresses, agencies, or forums may be phishing scams designed to obtain your personal information.
- We will not ask you to provide personal or financial information, including, but not limited to, your social security number, online account passwords, credit card numbers, passport information, and other related banking information until we begin onboarding activities, which will be coordinated by a member of the Stellar Health People Ops Team with an @stellar.health email address.
If you are ever unsure whether you are in contact with a legitimate Stellar Health teammate, please contact email@example.com. If you believe you've been a victim of a phishing attack, please mark the communication as “spam” and immediately report it by contacting the U.S. Federal Trade Commission.