Security Engineer, DevOps

Imagen enables Primary Care providers to become technology-enabled multispecialty practices, powering a successful transition from fee-for-service to value-based care. Imagen’s comprehensive platform includes in-office diagnostic testing, diagnostic interpretations powered by proprietary FDA-cleared machine learning software, and virtual specialist consults. Imagen’s platform empowers Primary Care providers to achieve healthcare’s quadruple aim of increasing quality, lowering costs, and improving the patient and provider experience. 

Imagen’s team includes over 100 clinical, technical and business personnel. Imagen’s software has received first-of-its-kind FDA clearances, and its research has been published in leading peer-reviewed journals. Imagen has raised $135 million in capital from investors such as Google Ventures, Casdin Capital, and Threshold Ventures. Imagen was founded in 2015 and is based in New York City.

We're looking for a Security DevOps Engineer to be an integral member of our Security Team. In this high-impact role, you will be responsible for maintaining patient safety through managing our security tools, improving the security of our medical devices and cloud infrastructure, and helping us reach our security compliance goals. This role will also have responsibilities in endpoint security, cloud security, incident response, and vulnerability assessment. This is a hand-on role, and our ideal candidate will maintain high standards, is passionate about delivery of care to patients, and wants to play an impactful role in the development of our innovative medical devices. This is an excellent opportunity for someone eager to learn and grow. 

As the Security DevOps Engineer, you will:

• Own our security tools in AWS such as SecurityHub, GuardDuty, Inspector, and Shield among others
• Improve our cloud security configurations through active Terraform improvements and reviews and patch management
• Be capable of threat analysis and performing offensive security techniques, including vulnerability scanning, to identify potential gaps in Imagen’s operational footprint
• Play a key role in enhancing cloud API security 
• Be responsible for maintaining the security of Imagen’s financial applications through ISO 27001 standards and NIST frameworks
• Partner with key stakeholders to improve and maintain the security of Imagen’s medical device 
• Proactively identify tools and perform projects across the cybersecurity and compliance domains as necessary to improve Imagen’s systems and operations

Requirements:

• At least 2 year experience as a SecOps engineer, security engineer, senior reliability engineer, working in a Security Operations Center (SOC), or equivalent education
• Infrastructure as Code experience (e.g., Terraform)
• Have at least 1 year experience working with AWS SecurityHub or equivalent
• Experience with understanding CVEs and remediating security vulnerabilities
• High standards and the ability plan, prioritize, and manage competing priorities to ensure deadlines are met 
• Enjoys working with technical and non-technical stakeholders

Nice-to-haves:

• Proficiency in a programming language (Python, Ruby, etc)
• Experience with offensive security processes like port scanning, vulnerability scanning, enumeration, and exploitation
• Compliance experience (e.g., HIPAA, HITRUST, SOC2, or PCI) 
• Security certification such as an OSCP, GCIH, GCFA, or similar

Imagen Technologies maintains a Substance Abuse and Testing policy. Being under the influence of alcohol or controlled substances while on the job or while conducting business on Imagen’s behalf is prohibited. Any offer of employment will be made contingent upon successful completion of a drug test, subject to compliance with all applicable federal, state, and local laws.

Imagen is committed to the principle of equal employment opportunity for all employees and applicants for employment and prohibits discrimination and harassment of any kind without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.  Imagen will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.