At Collective Health, we’re transforming how employers and their people engage with their health benefits by seamlessly integrating cutting-edge technology, compassionate service, and world-class user experience design.
You’ll lead initiatives that address the company’s—and some of our industry’s—most sophisticated and meaningful security engineering challenges. You will build relationships across all parts of the business and drive multi-functional initiatives to continuously improve our security and privacy posture. You will be responsible for building and implementing controls that can scale and optimize as we move into a context-aware security environment.

WHAT YOU’LL DO:

• Build Zero Trust: Help develop and implement our Zero Trust architecture.
• Secure Cloud and Networks: Implement and maintain robust Cloud and Network security policies and controls.
• Secure Infrastructure: Develop secure-by-default infrastructure using tools like Terraform.
• Automate Vulnerability Management: Enhance our vulnerability management and penetration testing automation.
• Guide Secure Design: Conduct secure design reviews, integrating the latest security best practices.
• Handle Vulnerabilities: Support our vulnerability management program and prioritize fixes.
• Ensure Compliance: Perform security control compliance tasks, audits, and reporting.
• Drive Security Projects: Agilely manage diverse security projects to mitigate organizational risk.

TO BE SUCCESSFUL IN THIS ROLE, YOU’LL NEED:

• Quick Learner & Problem-Solver: A passionate, quick learner eager to tackle and solve complex challenges.
• Independent & Accountable: Self-driven and accountable, capable of independent prioritization and execution.
• Strategic & Decisive: A decisive problem-solver adept at designing robust solutions in complex, ambiguous environments.
• Customer-Focused Security Expert: A customer-centric expert with a deep understanding of product, software, and systems lifecycles.
• Threat Modeling Leader: Demonstrated ability to lead threat modeling for complex systems.
• AppSec & CloudSec Pro: A strong understanding of both Application Security and Cloud Security.