Information Security Engineer

Folsom, CA, United States

Job Location: Opeeka Headquarters - Folsom, CA

Position Type Full Time

Education Level 4 Year Degree

Salary Range $100,000.00 - $175,000.00 Salary/year

Job Shift Day

Description

Job Title: Information Security Engineer

Pay Scale: $100,000 to $175,000 annually

Location: Folsom, CA (Not eligible for remote work)

About Opeeka

Opeeka is an innovative technology company, committed to boosting the health and well-being of people from all walks of life. Opeeka is the nation's leader in care collaboration and person-centered outcomes measurement. We provide a robust Software as a Service (SaaS) solution to Healthcare Providers, Healthcare Insurance Companies, Government Agencies, and Community Based Organizations that serve people in need. Opeeka's success and impact has been recognized in the healthcare industry and we are poised to significant growth and continued impact. Learn more at www.opeeka.com/news

Person-Centered Intelligence Solution (P-CIS), Opeeka's principal technology, is a patient outcomes platform that connects to care organizations' existing technology to extend its capability to support value-based care. Payers, states, counties, and care providers use P-CIS to unify the continuum of care, reduce burden on staff, and improve patient outcomes. There is no other technology on the market like P-CIS. It is the only platform to symbiotically work within the ecosystem of care technology to improve workflow, outcomes, care coordination, and overall care system performance.

Opeeka is searching for individuals to join our team who are comfortable working in a fast paced environment and are interested in leveraging their proven skills to help Opeeka capitalize on the significant growth opportunities ahead. If you are someone who is looking for an exciting opportunity with an early stage technology leader, keep reading.

Company Benefits

Opeeka offers a full range of competitive Company benefits to eligible employees.

Vacation

Full-time employees are eligible to earn and accrue vacation upon the first day of work. All full-time employees are eligible to accrue at least 80 hours of paid vacation time annually, and annual vacation time increases based on tenure.

Sick Time

All employees will be granted 5 days (40 hours) of paid sick leave in a lump sum at the time of hire and subsequently, at the beginning of each year on January 1st. Employees may begin to use paid sick leave on their 90th day of employment (or sooner, if applicable law requires). Employees can use up to 5 days (40 hours) of paid sick leave per year.

Holiday Pay

Upon hire, all employees will receive holiday pay for the Company observed holidays, which includes all Federal Holidays and the day after Thanksgiving.

Medical Insurance Benefits

Opeeka provides the option of a comprehensive medical insurance plan for eligible full-time employees and their dependents. Employees are eligible to enroll in the medical program on the first of the month following 30 days of continuous employment. The Company will pay a portion of the medical insurance premium, up to $550 per employee and up to $450 for covered dependent(s). Medical insurance benefits are available to employees, the employee's spouse or registered domestic partner, and the employee's legal dependents.

Dental and Vision Benefits

Eligible full-time employees may also enroll in an employee only, an employee plus children or a family contract on the first of the month following 30 days of employment.

Retirement Plan

Opeeka provides all employees who complete 90 days of employment with a SIMPLE IRA plan which is an excellent means of long-term savings for your retirement. For eligible employees, the Company will contribute a dollar-for-dollar contribution match, up to 3% of the employee's annual compensation.

Job Summary

The Information Security Engineer will develop, execute and track the performance of security measures to protect information and network infrastructure, computer systems, and Opeeka's cloud-based software products. The Security Engineer will design computer security strategies and comprehensive cybersecurity architectures, and identify, define and document system security requirements, and recommend solutions to management. The security Engineer will also configure, troubleshoot and maintain security infrastructure software and hardware, install software that monitors systems and networks for security breaches and intrusions, and monitor systems for irregular behavior, and set up preventive measures. The Security Engineer will plan, develop, implement and update company's information security strategy, and educate and train staff on information system security best practices. Responsibilities include the development of security solutions or identifying and specifying security applications and processes to prevent cyberattacks or other security breaches in association with data connectivity to Opeeka's products. This includes identifying security solutions that support and secure Opeeka's Microsoft Azure infrastructure and associated data networking connectivity. The Information Security Engineer will ensure Opeeka is positioned to protect customer data and conduct regulatory security audits with third party compliance organizations.

Duties & Responsibilities

Work to achieve and maintain compliance with HiTRUST, HIPAA, SOC-2, NIST FIPS 140-2, NIST 800-53 and others

Work directly with engineering teams to help maintain and enhance cloud infrastructure security/privacy

Collaborate with engineering teams to implement scheduled Common Vulnerabilities and Exposures (CVE) scanning and remediation

Maintain and enhance cloud infrastructure security measures, such as firewalls, data encryption, passwords, etc.

Work with DevOps and Engineering teams to monitor and maintain security patch management of cloud infrastructure as well as open source patch management

Troubleshoot, diagnose, and resolve software, hardware, and other network security/privacy related issues

Maintain and configure centrally managed antivirus solutions

Enhance current security alerts and logging, and implement automation around actionable alerts and insights

Create, maintain and update security policies and controls in support of Opeeka's security standards compliance

Prepare for and manage third party security/privacy audits for all Opeeka security/privacy standards compliance

Monitor security/privacy performance and compliance. Help improve current monitoring and logging for greater visibility into potential security/privacy issues as well as audit information

Keep up to date with Microsoft release management to ensure that infrastructure and builds are updated in a timely manner

Work with engineering teams through Opeeka's 2-week sprints to plan security patching release schedules

Work with engineering teams to monitor patch management through the use of code scan tools such as Snyk

Financial Responsibilities:

Includes tracking and monitoring actual labor hours associated with projects to ensure labor costs stay within approved project budget.

Supervisory Responsibilities

There are no supervisory responsibilities for this position.

Qualifications

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Skills and Abilities

Proficient in Azure services.

Knowledge of security software and firewalls.

Knowledge of OWASP security principles.

Knowledge of CVE security analysis principles.

Ability to troubleshoot application issues and complex systems.

Excellent oral and written communication skills.

Attention to detail and problem solving skills.

Knowledge

Strong familiarity with project management software tools, methodologies, and best practices.

Demonstrated ability to create new processes, find new tools, and create efficiencies.

Proven ability to solve problems creatively.

In-depth knowledge of state & local government and federal government is a plus.

Education and/or Experience

4+ year of cloud infrastructure security and design.

4+ years of Security Information and Event Management (SIEM).

4+ years of Windows and Linux administration.

Experience with operating and maintaining complex cloud environments.

Experience using CVE Binary Tool or other scanning tool to uncover known CVE vulnerabilities.

Working knowledge of cloud infrastructure network stacks (VLANs, network architecture, etc).

Compliance experience with HiTRUST, HIPAA, SOC-2, NIST FIPS 140-2, and NIST 800-53.

Physical Requirements:

Frequent on-site, team interaction.

Frequent sitting, standing, and walking.

Occasional to frequent repetitive motion.

Frequent talking and listening in person and over the phone.

Close up and distance vision requirements.

Emotional/Psychological Demands:

Ability to cope with: long periods of concentration; pressure and deadlines; occasional long or irregular hours; occasional public contact; changing priorities.

Work Environment:

Open office environment; moderate temperatures; moderate noise levels.

Compensation details: 100000-175

PIec622c0c4f9a-29448-34193159

PDN-9be593f1-da1a-46d1-83e1-555a68ac9b77

#J-18808-Ljbffr