Devops /Security Engineer
Confirmed live in the last 24 hours
Candid Health

11-50 employees

Medical insurance billing platform
Company Overview
Candid Health is on a mission to fix one of the most broken and costly pieces of the US healthcare system: medical billing. Candid is rethinking medical billing from the ground up, building software backed by best-in-class data science to automate much of this complexity so healthcare providers can get paid dramatically more easily and inexpensively.
San Francisco, CA, USA
Experience Level
Desired Skills
Development Operations (DevOps)
IT & Security
DevOps & Infrastructure
  • You have 4+ years of experience in the security domain, with a proven track record of hands-on involvement in complex projects
  • Your expertise isn't just theoretical. You know how to "talk the talk", especially when it comes to the rituals and routines of security compliance
  • With strong knowledge of HIPAA, you're no stranger to the delicate information we handle
  • You are adaptable and flexible, always ready to engage with security challenges at both enterprise and client levels
  • While you may not write the code, you possess the ability to read, understand, and audit systems, networks, and IT setups to ensure airtight security
  • Implement & Navigate Security Rituals: Understand, oversee, and drive the rituals associated with SOC2, remain abreast with HIPAA, and ensure that we remain compliant and informed
  • Handle Customer Queries: Serve as the primary point of contact for all customer security inquiries, ensuring their concerns and queries are addressed promptly and comprehensively
  • Audit & Oversight: Regularly audit our platforms and tech stack, ensuring that vulnerabilities are identified and addressed in a timely manner
  • Manage Third-party Relationships: Coordinate with vendors for penetration testing and other security services, ensuring that our platforms undergo regular scrutiny and remain fortified
  • Collaborate with Engineering Team: Work closely with the engineering department during feature planning and roll-out, ensuring security remains at the forefront of all initiatives
  • Audit Internal Systems: While you won't directly write the terraform, you will need to read, audit, and provide feedback on internal private networks, IT systems, and more