Information Security Engineer
Folsom, CA, United States
Job Location: Opeeka Headquarters - Folsom, CA
Position Type Full Time
Education Level 4 Year Degree
Salary Range $100,000.00 - $175,000.00 Salary/year
Job Shift Day
Description
Job Title: Information Security Engineer
Pay Scale: $100,000 to $175,000 annually
Location: Folsom, CA (Not eligible for remote work)
About Opeeka
Opeeka is an innovative technology company, committed to boosting the health and well-being of people from all walks of life. Opeeka is the nation's leader in care collaboration and person-centered outcomes measurement. We provide a robust Software as a Service (SaaS) solution to Healthcare Providers, Healthcare Insurance Companies, Government Agencies, and Community Based Organizations that serve people in need. Opeeka's success and impact has been recognized in the healthcare industry and we are poised to significant growth and continued impact. Learn more at www.opeeka.com/news
Person-Centered Intelligence Solution (P-CIS), Opeeka's principal technology, is a patient outcomes platform that connects to care organizations' existing technology to extend its capability to support value-based care. Payers, states, counties, and care providers use P-CIS to unify the continuum of care, reduce burden on staff, and improve patient outcomes. There is no other technology on the market like P-CIS. It is the only platform to symbiotically work within the ecosystem of care technology to improve workflow, outcomes, care coordination, and overall care system performance.
Opeeka is searching for individuals to join our team who are comfortable working in a fast paced environment and are interested in leveraging their proven skills to help Opeeka capitalize on the significant growth opportunities ahead. If you are someone who is looking for an exciting opportunity with an early stage technology leader, keep reading.
Company Benefits
Opeeka offers a full range of competitive Company benefits to eligible employees.
Vacation
Full-time employees are eligible to earn and accrue vacation upon the first day of work. All full-time employees are eligible to accrue at least 80 hours of paid vacation time annually, and annual vacation time increases based on tenure.
Sick Time
All employees will be granted 5 days (40 hours) of paid sick leave in a lump sum at the time of hire and subsequently, at the beginning of each year on January 1st. Employees may begin to use paid sick leave on their 90th day of employment (or sooner, if applicable law requires). Employees can use up to 5 days (40 hours) of paid sick leave per year.
Holiday Pay
Upon hire, all employees will receive holiday pay for the Company observed holidays, which includes all Federal Holidays and the day after Thanksgiving.
Medical Insurance Benefits
Opeeka provides the option of a comprehensive medical insurance plan for eligible full-time employees and their dependents. Employees are eligible to enroll in the medical program on the first of the month following 30 days of continuous employment. The Company will pay a portion of the medical insurance premium, up to $550 per employee and up to $450 for covered dependent(s). Medical insurance benefits are available to employees, the employee's spouse or registered domestic partner, and the employee's legal dependents.
Dental and Vision Benefits
Eligible full-time employees may also enroll in an employee only, an employee plus children or a family contract on the first of the month following 30 days of employment.
Retirement Plan
Opeeka provides all employees who complete 90 days of employment with a SIMPLE IRA plan which is an excellent means of long-term savings for your retirement. For eligible employees, the Company will contribute a dollar-for-dollar contribution match, up to 3% of the employee's annual compensation.
Job Summary
The Information Security Engineer will develop, execute and track the performance of security measures to protect information and network infrastructure, computer systems, and Opeeka's cloud-based software products. The Security Engineer will design computer security strategies and comprehensive cybersecurity architectures, and identify, define and document system security requirements, and recommend solutions to management. The security Engineer will also configure, troubleshoot and maintain security infrastructure software and hardware, install software that monitors systems and networks for security breaches and intrusions, and monitor systems for irregular behavior, and set up preventive measures. The Security Engineer will plan, develop, implement and update company's information security strategy, and educate and train staff on information system security best practices. Responsibilities include the development of security solutions or identifying and specifying security applications and processes to prevent cyberattacks or other security breaches in association with data connectivity to Opeeka's products. This includes identifying security solutions that support and secure Opeeka's Microsoft Azure infrastructure and associated data networking connectivity. The Information Security Engineer will ensure Opeeka is positioned to protect customer data and conduct regulatory security audits with third party compliance organizations.
Duties & Responsibilities
Work to achieve and maintain compliance with HiTRUST, HIPAA, SOC-2, NIST FIPS 140-2, NIST 800-53 and others
Work directly with engineering teams to help maintain and enhance cloud infrastructure security/privacy
Collaborate with engineering teams to implement scheduled Common Vulnerabilities and Exposures (CVE) scanning and remediation
Maintain and enhance cloud infrastructure security measures, such as firewalls, data encryption, passwords, etc.
Work with DevOps and Engineering teams to monitor and maintain security patch management of cloud infrastructure as well as open source patch management
Troubleshoot, diagnose, and resolve software, hardware, and other network security/privacy related issues
Maintain and configure centrally managed antivirus solutions
Enhance current security alerts and logging, and implement automation around actionable alerts and insights
Create, maintain and update security policies and controls in support of Opeeka's security standards compliance
Prepare for and manage third party security/privacy audits for all Opeeka security/privacy standards compliance
Monitor security/privacy performance and compliance. Help improve current monitoring and logging for greater visibility into potential security/privacy issues as well as audit information
Keep up to date with Microsoft release management to ensure that infrastructure and builds are updated in a timely manner
Work with engineering teams through Opeeka's 2-week sprints to plan security patching release schedules
Work with engineering teams to monitor patch management through the use of code scan tools such as Snyk
Financial Responsibilities:
Includes tracking and monitoring actual labor hours associated with projects to ensure labor costs stay within approved project budget.
Supervisory Responsibilities
There are no supervisory responsibilities for this position.
Qualifications
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Skills and Abilities
Proficient in Azure services.
Knowledge of security software and firewalls.
Knowledge of OWASP security principles.
Knowledge of CVE security analysis principles.
Ability to troubleshoot application issues and complex systems.
Excellent oral and written communication skills.
Attention to detail and problem solving skills.
Knowledge
Strong familiarity with project management software tools, methodologies, and best practices.
Demonstrated ability to create new processes, find new tools, and create efficiencies.
Proven ability to solve problems creatively.
In-depth knowledge of state & local government and federal government is a plus.
Education and/or Experience
4+ year of cloud infrastructure security and design.
4+ years of Security Information and Event Management (SIEM).
4+ years of Windows and Linux administration.
Experience with operating and maintaining complex cloud environments.
Experience using CVE Binary Tool or other scanning tool to uncover known CVE vulnerabilities.
Working knowledge of cloud infrastructure network stacks (VLANs, network architecture, etc).
Compliance experience with HiTRUST, HIPAA, SOC-2, NIST FIPS 140-2, and NIST 800-53.
Physical Requirements:
Frequent on-site, team interaction.
Frequent sitting, standing, and walking.
Occasional to frequent repetitive motion.
Frequent talking and listening in person and over the phone.
Close up and distance vision requirements.
Emotional/Psychological Demands:
Ability to cope with: long periods of concentration; pressure and deadlines; occasional long or irregular hours; occasional public contact; changing priorities.
Work Environment:
Open office environment; moderate temperatures; moderate noise levels.
Compensation details: 100000-175
PIec622c0c4f9a-29448-34193159
PDN-9be593f1-da1a-46d1-83e1-555a68ac9b77
#J-18808-Ljbffr