Staff Security Engineer

Summary

Join Gradient AI, a leading provider of AI solutions for the insurance industry, as a Staff Security Engineer. This fully remote position requires managing the company's overall security posture. You will lead HITRUST certification and SOC2 report evaluation, perform risk assessments, and improve network and data security. Responsibilities include implementing cloud configuration management, driving enterprise security initiatives, managing the SIEM system, conducting security assessments, and ensuring timely patching. The ideal candidate possesses 5+ years of experience in system or information security engineering, experience with SOC2 or HITRUST security audits, and hands-on experience with AWS security systems.

Requirements

• 5+ years of experience as System Security Engineer or Information Security Engineer
• Experience managing security audits for SOC2 or HITRUST
• Experience in building and maintaining security systems
• Security Information Event Management (SIEM) solutions
• Hands on experience in security systems within AWS

Responsibilities

• Lead the evaluation for HITRUST certification and SOC2 report
• Perform risk assessments
• Assess and improve network & data security
• Implement and automate cloud configuration management to ensure security best practices, compliance, and continuous risk mitigation
• Drive enterprise security initiatives that enhance the organization’s resilience against cyber threats
• Manage and optimize our Security Information and Event Management (SIEM) system to ensure accurate threat detection and effective response
• Develop and fine-tune detection rules to identify and mitigate security threats in real time
• Conduct assessments, penetration tests, and vulnerability scans to identify and remediate security gaps
• Ensure timely patching of systems and applications to reduce exposure to known exploits
• Deploy and manage endpoint detection response (EDR) solutions to monitor, detect, and respond to endpoint threats
• Manage user authentication, permissions, and identity security to protect access to critical systems
• Implement and enforce mobile device management (MDM) security policies to safeguard corporate endpoints

Preferred Qualifications

• Familiarity with securing PHI and PII
• Experience with Data Loss Prevention (DLP)
• Security related Certifications

Benefits

• Generous stock options
• Unlimited vacation days
• Flexible schedule that supports working from home
• Full benefits package includes medical, dental, vision, 401k, paid paternal leave, and more
• Ample opportunities to learn and take on new responsibilities