IT Security Engineer @ League

IT Security Engineer

Remote

Posted on 3/4/2023

INACTIVE

Locations

Washington, DC, USA • Remote

Experience Level

Entry

Junior

Mid

Senior

Expert

Requirements

Data Security management experience
DLP policy implementation
Internal IT audit evidence fulfillment experience; SOC 2, HIPAA, GDPR, PIPEDA, client audit requests, internal and external audits
You should receive a confirmation email after submitting your application
A recruiter (not a computer) reviews all applications at League
If we see alignment with League's needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring
The final step is an offer, which we hope you will accept!
Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring

Responsibilities

Proactively make recommendations to improve existing processes, making the internal IT service secure and employee-centric
Build, test & maintain League's hybrid work security infrastructure
Implement new features and core services in the League security infrastructure
Architect, implement and own system operation policies including but not limited to Access Control, Encryption Control, Logging, Change Management and Platform Security
Tested and evidence based approach to corporate network security and endpoint protection
Identification and implementation of up to date security protocols to establish a robust security posture that can be exemplified to vendors and auditors
Implementation and maintenance of DLP policies
Audit review and response in regards to internal corporate infrastructure

Help Us Shape the Future of Healthcare

At League, we’re big on building connections - both through our product and with each other. Our platform is consumer centric, personalized and always on. We’re reimagining the health benefits experience to give people a more consumer-centric way to manage their health: immediate, seamless, and tailored to their unique needs. It’s a front door to healthcare that empowers people to live healthier, happier lives. Every day.

Position Summary:

As the IT Security Engineer you are responsible for assessing and providing a unified approach to League’s corporate network security infrastructure. You build scalable and reliable systems to manage risk and ensure a secure operating environment, whether in one of our offices or across the cloud.

You design, build, and maintain the security infrastructure. You bring an employee focused mindset while managing risk and maintaining secure access to our resources and data. Personal information, personal health information, and intellectual property are your subject material.

Security is a top priority at League. You will serve a key role in enabling digital leak protections to secure the intellectual property of League and all its products. Working closely with the Internal Audit team, Identity Administrator, and IT Service Desk Team, you will be in charge of coordinating IT audit and reportability for our many security frameworks, SOC 2, HIPAA, GDPR, PIPEDA and any other major privacy legal standard.

In this role you will:

Proactively make recommendations to improve existing processes, making the internal IT service secure and employee-centric.
Build, test & maintain League’s hybrid work security infrastructure
Implement new features and core services in the League security infrastructure
Architect, implement and own system operation policies including but not limited to Access Control, Encryption Control, Logging, Change Management and Platform Security

Desired Outcomes:

Tested and evidence based approach to corporate network security and endpoint protection
Identification and implementation of up to date security protocols to establish a robust security posture that can be exemplified to vendors and auditors
Implementation and maintenance of DLP policies
Audit review and response in regards to internal corporate infrastructure

Minimal Qualifications:

Data Security management experience
DLP policy implementation
Internal IT audit evidence fulfillment experience; SOC 2, HIPAA, GDPR, PIPEDA, client audit requests, internal and external audits

Attributes / Characteristics:

Understands how their work fits into team and company objectives
Communicates assumptions and gets clarification on tasks up front to minimize the need for rework
Solicits feedback from others, and gives timely, helpful feedback to peers and managers

USA APPLICANTS ONLY: The US-specific compensation range below for this full-time position is exclusive of bonus, equity and benefits. This range reflects the minimum and maximum target for base salaries for the position across all US locations. Where in the band you may land is determined by job-related skills/experience and location. Your recruiter can share more about the specific salary range for your location during the hiring process.

Compensation range for USA applicants only

$75,296—$104,517 USD

At League, everyone is welcome. We believe individuals should not be disadvantaged because of their background or identity, but instead should be considered based on their strengths and experience. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you are an individual in need of assistance at any time during our recruitment process, please contact us at [email protected].

Our Application Process:

Applying to a role you love can be exhausting, and understanding the next steps can feel vague and uncertain. You have done the hard part of submitting your application; let’s do ours by sharing potential next steps

You should receive a confirmation email after submitting your application.
A recruiter (not a computer) reviews all applications at League.
If we see alignment with League’s needs, a recruiter will reach out to learn more about your goals. The recruiter will also share the team-specific interview process depending on the roles you are exploring.
The final step is an offer, which we hope you will accept!
Prior to joining us, we conduct reference and background checks. Additional checks could be required for US Candidates, depending on the role you are exploring.

Here are some additional resources to learn more about League:

Learn more about us in this short video!

League, Cleveland Clinic collaborate to make employees healthier across North America

League and Loblaw bring next-generation digital health platform to customers

League Completes Workday Approved Integration

Recognize and Avoid Employment scams. Practice safe job searching.

Scammers are getting craftier and leveraging fake job postings to get personal information. Know the warning signs and protect yourself from scammers. Learn more here.

Privacy Policy

Review our Privacy Policy for information on how League is protecting personal data.

201-500 employees

Website

Digital health platform

Company Overview

League is on a mission to power the digital transformation of healthcare. The company is building digital infrastructure for better consumer health experiences.

Benefits

Personalized benefits plan
Health, Lifestyle & Learning spending accounts
Flexible medical and dental plans
Fertility treatment support
Paid parental leave and baby bonus
Unlimited PTO
Free mental health counselling and support
Employee Stock Option Program
Exclusive access to a curated wellness marketplace
Sabbatical program
RRSP/401K accounts
High-impact onboarding
Extra-long holiday weekends
Mental health (wellness) days

Company Core Values

Creating a healthier future.
Building a dream team.
All owners.
Aspiring to live our best lives.
In it to win it.