Lead Security Engineer
Remote
Curai Health is an AI-powered virtual clinic on a mission to improve access to care at scale. As the pioneer in deploying machine learning into clinical workflows, Curai Health enables its dedicated, specially trained clinicians to deliver primary care to more people at a fraction of the cost. Easy-to-use and convenient, Curai Health partners with insurers and health systems to keep patients engaged in their care over time, improving health outcomes and reducing costs.
Our company is remote-first and we consider candidates across the United States. Our corporate office is located in San Francisco.
The RoleWe are looking for a hungry and experienced Lead Security Engineer to join our team. This role will report into our engineering organization and take a leading role in supporting security and continuous compliance. This will also include designing and building tools and service integrations that make governance easier and part of the normal day-to-day engineering work.
Who You AreNone of these, individually, are hard requirements but they do describe the type of folks that we think would be most effective and happy at Curai. You…• Are excited to work with a company that values innovation and prioritizes the security of its systems and its clients' data• Are dedicated to continuous learning and improvement in the field of cybersecurity• Have a strong orientation to Curai’s mission to make high-quality healthcare accessible to all• Have worked remotely before, or have a strong feeling that you'd work well with a remote team, spread across multiple time zones• Are excited to try things out to validate new features, and move on if they no longer solve a problem• Can work effectively with others• Are excited about getting on the speeding train that is a growing startup!• Focus on the end goal, and build a practical path to achieve it• You’re someone who will say something if they see something; arming themselves with what they can do to help
What You’ll Do• Maintain infrastructure and operational security controls that ensure Curai remains both HIPAA and SOC-2 compliant• Lead initiatives to establish and implement new frameworks (like HITRUST and NIST)• Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, such as those found in cloud infrastructure security standards like ISO and NIST)• Conduct regular security and privacy assessments based on changes to Curai’s infrastructure and applications for potential impact.• Work with engineers to identify the tradeoffs of different solutions and recommend ideal designs that meet the team’s requirements, as well as our security requirements• Manage the execution of penetration tests and coordinate all remediation activities with the rest of the engineering team.• Implement and maintain core security tooling, such as vulnerability and configuration management, intrusion detection/prevention systems, SIEM tools, etc. • Assist the security team in performing/automating audits, security assessments, and quarterly access reviews• Continually evaluate new threats in the cloud, to identify the impact on IT and Business to develop and implement security controls• Provide technical and integration support for Curai’s continuous compliance platform, Drata• Help write and draft policies and programs to support Curai's privacy and security initiatives
What You’ll Need• 5+ years of experience in a similar role• Hands-on experience fixing security issues and working with Python and Terraform• A passion for improving infrastructure security operations• Demonstrated ability and experience securing large complex enterprise architectures or systems deployed in the public cloud (e.g. Amazon Web Services)• Experience with various AWS security tools such as GuardDuty, CloudTrail, CloudWatch, Inspector, etc.• Hands-on experience in implementing, and administering IAM systems like Okta and OneLogin is a plus• Experience with Datadog is a plus• Experience with ISO 27001/2, NIST CSF, HIPAA/HITECH, SOC-2, PCI, SOX, ITGC, or other security frameworks preferred.• Experience with continuous compliance platforms such as Drata, Vanta, SecureFrame, etc. is a plus.• Computer science or similar technical degree, or equivalent practical experienceStrong analytical and problem-solving skills• Excellent interpersonal and verbal + written communication skills• Ability to work and thrive in a fast-paced, diverse, and multidisciplinary work environment
What We Offer• Culture: Mission-driven talent with great colleagues committed to living our values, collaborating, and driving performance• Pay: Competitive compensation and stock• Wellness: Unlimited PTO, flexible working hours and remote working options• Benefits: Excellent medical, dental, vision, flex spending plans, and parental leave• Financial: 401k plan with employer matching
The annual base salary range for this position is between $180,000 and $230,000 annually. Stock grants also play a key part in any offer, they increase your overall compensation package significantly based on company success. Please note that the base salary range is a guideline, and individual total compensation will vary based on qualifications, skill level, competencies, and work location.
Curai Health is a startup with a small, but world-class team from high-tech companies, AI researchers, and practicing physicians, to team members from non-traditional career paths and backgrounds. We also have research partnerships with leading universities nationwide and access to medical data that facilitates research in this space. We are a highly collaborative, data-driven team, focused on delivering our mission with funding from top-tier Silicon Valley investors including Morningside, General Catalyst, and Khosla Ventures.
At Curai Health, we are highly committed to building a diverse and inclusive environment. In keeping with our beliefs and values, no employee or applicant will face discrimination or harassment based on race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. To promote an equitable and bias-free workplace, we set competitive compensation packages for each position and do not negotiate on our offers. We are looking for mission-driven teammates, who embody our core values and appreciate our transparent approach. Apply
Our company is remote-first and we consider candidates across the United States. Our corporate office is located in San Francisco.
The RoleWe are looking for a hungry and experienced Lead Security Engineer to join our team. This role will report into our engineering organization and take a leading role in supporting security and continuous compliance. This will also include designing and building tools and service integrations that make governance easier and part of the normal day-to-day engineering work.
Who You AreNone of these, individually, are hard requirements but they do describe the type of folks that we think would be most effective and happy at Curai. You…• Are excited to work with a company that values innovation and prioritizes the security of its systems and its clients' data• Are dedicated to continuous learning and improvement in the field of cybersecurity• Have a strong orientation to Curai’s mission to make high-quality healthcare accessible to all• Have worked remotely before, or have a strong feeling that you'd work well with a remote team, spread across multiple time zones• Are excited to try things out to validate new features, and move on if they no longer solve a problem• Can work effectively with others• Are excited about getting on the speeding train that is a growing startup!• Focus on the end goal, and build a practical path to achieve it• You’re someone who will say something if they see something; arming themselves with what they can do to help
What You’ll Do• Maintain infrastructure and operational security controls that ensure Curai remains both HIPAA and SOC-2 compliant• Lead initiatives to establish and implement new frameworks (like HITRUST and NIST)• Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, such as those found in cloud infrastructure security standards like ISO and NIST)• Conduct regular security and privacy assessments based on changes to Curai’s infrastructure and applications for potential impact.• Work with engineers to identify the tradeoffs of different solutions and recommend ideal designs that meet the team’s requirements, as well as our security requirements• Manage the execution of penetration tests and coordinate all remediation activities with the rest of the engineering team.• Implement and maintain core security tooling, such as vulnerability and configuration management, intrusion detection/prevention systems, SIEM tools, etc. • Assist the security team in performing/automating audits, security assessments, and quarterly access reviews• Continually evaluate new threats in the cloud, to identify the impact on IT and Business to develop and implement security controls• Provide technical and integration support for Curai’s continuous compliance platform, Drata• Help write and draft policies and programs to support Curai's privacy and security initiatives
What You’ll Need• 5+ years of experience in a similar role• Hands-on experience fixing security issues and working with Python and Terraform• A passion for improving infrastructure security operations• Demonstrated ability and experience securing large complex enterprise architectures or systems deployed in the public cloud (e.g. Amazon Web Services)• Experience with various AWS security tools such as GuardDuty, CloudTrail, CloudWatch, Inspector, etc.• Hands-on experience in implementing, and administering IAM systems like Okta and OneLogin is a plus• Experience with Datadog is a plus• Experience with ISO 27001/2, NIST CSF, HIPAA/HITECH, SOC-2, PCI, SOX, ITGC, or other security frameworks preferred.• Experience with continuous compliance platforms such as Drata, Vanta, SecureFrame, etc. is a plus.• Computer science or similar technical degree, or equivalent practical experienceStrong analytical and problem-solving skills• Excellent interpersonal and verbal + written communication skills• Ability to work and thrive in a fast-paced, diverse, and multidisciplinary work environment
What We Offer• Culture: Mission-driven talent with great colleagues committed to living our values, collaborating, and driving performance• Pay: Competitive compensation and stock• Wellness: Unlimited PTO, flexible working hours and remote working options• Benefits: Excellent medical, dental, vision, flex spending plans, and parental leave• Financial: 401k plan with employer matching
The annual base salary range for this position is between $180,000 and $230,000 annually. Stock grants also play a key part in any offer, they increase your overall compensation package significantly based on company success. Please note that the base salary range is a guideline, and individual total compensation will vary based on qualifications, skill level, competencies, and work location.
Curai Health is a startup with a small, but world-class team from high-tech companies, AI researchers, and practicing physicians, to team members from non-traditional career paths and backgrounds. We also have research partnerships with leading universities nationwide and access to medical data that facilitates research in this space. We are a highly collaborative, data-driven team, focused on delivering our mission with funding from top-tier Silicon Valley investors including Morningside, General Catalyst, and Khosla Ventures.
At Curai Health, we are highly committed to building a diverse and inclusive environment. In keeping with our beliefs and values, no employee or applicant will face discrimination or harassment based on race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. To promote an equitable and bias-free workplace, we set competitive compensation packages for each position and do not negotiate on our offers. We are looking for mission-driven teammates, who embody our core values and appreciate our transparent approach. Apply
Job Profile
Benefits/PerksCompetitive compensation Continuous learning Flexible working hours Innovative environment Remote work Unlimited PTO
Tasks- Conduct security assessments
- Draft security policies
- Establish security requirements
- Implement security tooling
- Lead security initiatives
- Maintain security controls
- Manage penetration tests
- Support compliance platform
AI Analytical AWS Benefits Cloud Security Communication Compliance Continuous compliance Cybersecurity Healthcare HIPAA HIPAA Compliance HITRUST Intrusion Detection Machine Learning NIST Penetration Testing Policy Writing Python Security assessments Security Engineering SIEM tools SOC 2 compliance Terraform Vulnerability Management
Experience5 years
Certifications
Remote Jobs in North America
Remote Jobs in Europe
Remote Jobs in Asia/Pacific
Remote Jobs in South America
Remote Jobs in Africa
Remote Jobs in Middle East
Full Time Remote Jobs
Part Time Remote Jobs
Internship Remote Jobs
Contract Remote Jobs
Temporary Remote Jobs
Freelance Remote Jobs
Mid-Level Remote Jobs
Senior-Level Remote Jobs
Entry-Level Remote Jobs
Exec-Level Remote Jobs
Lead-Level Remote Jobs
Remote Designer Jobs
Remote Engineer I Jobs
Remote Assist Jobs
Remote Coordinator Jobs
Remote Platform Jobs
Remote Contract Jobs
Remote Assistant Jobs
Remote Project Manager Jobs
Remote Technician Jobs
Remote Hybrid Jobs
Remote Marketing Manager Jobs
Remote Program Manager Jobs
Remote Admin Jobs
Remote Analytics Jobs
Remote Strategy Jobs
Remote Scientist Jobs
Remote Application Jobs
Remote Engineer II Jobs
Remote Customer Success Jobs
Remote Counsel Jobs
Remote Jobs with PHP > 280K in Salary
Remote Jobs with EUR > 100K in Salary
Remote Jobs with CAD > 140K in Salary
Remote Jobs with GBP > 140K in Salary
Remote Jobs with GBP > 160K in Salary
Remote Jobs with EUR > 120K in Salary
Remote Jobs with CAD > 160K in Salary
Remote Jobs with GBP > 180K in Salary
Remote Jobs with GBP > 200K in Salary
Remote Jobs with GBP > 240K in Salary
Remote Jobs with GBP > 220K in Salary
Remote Jobs with PLN > 80K in Salary
Remote Jobs with PLN > 40K in Salary
Remote Jobs with PLN > 60K in Salary
Remote Jobs with CAD > 180K in Salary
Remote Jobs with PLN > 100K in Salary
Remote Jobs with PLN > 120K in Salary
Remote Jobs with PLN > 140K in Salary
Remote Jobs with EUR > 140K in Salary
Remote Jobs with PLN > 160K in Salary