Washington, DC, USA • Remote
Help Us Shape the Future of Healthcare
At League, we’re big on building connections - both through our product and with each other. Our platform is consumer centric, personalized and always on. We’re reimagining the health benefits experience to give people a more consumer-centric way to manage their health: immediate, seamless, and tailored to their unique needs. It’s a front door to healthcare that empowers people to live healthier, happier lives. Every day.
As the IT Security Engineer you are responsible for assessing and providing a unified approach to League’s corporate network security infrastructure. You build scalable and reliable systems to manage risk and ensure a secure operating environment, whether in one of our offices or across the cloud.
You design, build, and maintain the security infrastructure. You bring an employee focused mindset while managing risk and maintaining secure access to our resources and data. Personal information, personal health information, and intellectual property are your subject material.
Security is a top priority at League. You will serve a key role in enabling digital leak protections to secure the intellectual property of League and all its products. Working closely with the Internal Audit team, Identity Administrator, and IT Service Desk Team, you will be in charge of coordinating IT audit and reportability for our many security frameworks, SOC 2, HIPAA, GDPR, PIPEDA and any other major privacy legal standard.
In this role you will:
- Proactively make recommendations to improve existing processes, making the internal IT service secure and employee-centric.
- Build, test & maintain League’s hybrid work security infrastructure
- Implement new features and core services in the League security infrastructure
- Architect, implement and own system operation policies including but not limited to Access Control, Encryption Control, Logging, Change Management and Platform Security
- Tested and evidence based approach to corporate network security and endpoint protection
- Identification and implementation of up to date security protocols to establish a robust security posture that can be exemplified to vendors and auditors
- Implementation and maintenance of DLP policies
- Audit review and response in regards to internal corporate infrastructure
- Data Security management experience
- DLP policy implementation
- Internal IT audit evidence fulfillment experience; SOC 2, HIPAA, GDPR, PIPEDA, client audit requests, internal and external audits
Attributes / Characteristics:
- Understands how their work fits into team and company objectives
- Communicates assumptions and gets clarification on tasks up front to minimize the need for rework
- Solicits feedback from others, and gives timely, helpful feedback to peers and managers
USA APPLICANTS ONLY: The US-specific compensation range below for this full-time position is exclusive of bonus, equity and benefits. This range reflects the minimum and maximum target for base salaries for the position across all US locations. Where in the band you may land is determined by job-related skills/experience and location. Your recruiter can share more about the specific salary range for your location during the hiring process.
Compensation range for USA applicants only
At League, everyone is welcome. We believe individuals should not be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you are an individual in need of assistance at any time during our recruitment process, please contact us at [email protected].
Our Application Process:
Applying to a role you love can be exhausting, and understanding the next steps can feel vague and uncertain. You have done the hard part of submitting your application; let’s do ours by sharing potential next steps
- You should receive a confirmation email after submitting your application.
- A recruiter (not a computer) reviews all applications at League.
- If we see alignment with League’s needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
- The final step is an offer, which we hope you will accept!
- Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring.
Here are some additional resources to learn more about League:
Recognize and Avoid Employment scams. Practice safe job searching.
Scammers are getting craftier and leveraging fake job postings to get personal information. Know the warning signs and protect yourself from scammers. Learn more here.