Do you want to help make healthcare more effective and affordable for everyone? That’s our mission at Codoxo. The U.S. spends more on healthcare than any other country in the world, but not all of the $3.8 trillion goes to real patient care. A significant portion, up to 10% or $380 billion, is lost to fraud, waste, and abuse.

Codoxo’s patented artificial intelligence technology helps healthcare companies and agencies identify and act quickly to control costs. Codoxo now has six AI-powered applications that help every department across health insurance payers proactively bring down costs and reduce fraud, waste, and abuse – so more dollars to toward patient care.


Job Description 

Codoxo is seeking a highly motivated IT Security Engineer to further expand the security functionality across our SaaS productscloud environments, and IT infrastructure. This position is a hands-on, multifaceted role, and requires working with AWS services, IT networking, Risk and Compliance Frameworks, and supporting end user applications. Applicants should be excellent critical thinkers and must be able to diagnose incidents across a highly dynamic environment.  The IT Security Engineer will be a part of the Security and Compliance team and will work closely with the Engineering, Data Science, and Product business units. This role will play an integral part in building out Codoxo’s security posture across our AWS environments, SaaS products, and IT systems.  


Responsibilities 

 

·         Optimize and Automate security tool deployments throughout AWS environments 

·         Provide IT support as needed to other teams and business units 

·         Configures, secures, and deploys the MDM solution for managing company information systems.  

·         Implement and configure SaaS applications across multiple departments.  

·         Analyze security aspects of the AWS Environment and Product Architecture, including vulnerability assessment, design, access, and authentication 

·         Works closely with other teams to ensure adequate security solutions are in place throughout all systems, platforms, and products 

·         Coordinates the mitigation of identified risks sufficiently 

·         Reduce attack surface and corresponding response times 

·         Assists Compliance Officer in meeting business objectives and regulatory requirements 

·         Assists in the creation and adherence to an information security strategy 

·         Evaluates, deploys, and maintains secure solutions 

·         Researches, designs, and advocates new technologies, architectures, and products 

·         Produces the technical artifacts that constitute the information security architecture 

·         Designs security architecture elements to mitigate threats as they emerge and change 

·         Performs audits of systems relative to security policies and procedures 

·         Communicates security risks and solutions to partners, staff, and leadership 

·         Supports Red Team initiatives to eliminate risks 

·         Performs Threat Modeling for attack vectors and procedures 

·         Researches and recommends new industry security models, organizational strategies, and resources for presentation to Senior Leadership 

·         Provides post-mortem analysis and corrective action for significant security-related incidents 

·         Maintains systems and tools directly related to security threat protection 

·         Creates and delivers knowledge documentation for Data Science, Customer Success, and Engineering teams 

·         Performs other duties as assigned 


Requirements 

·         2+  years of hands-on experience working in an IT, IT Security, Security Engineering, or Cloud Security (DevSecOps) role. 

·         Bachelor’s degree in Information Technology, Computer Science, or related field of study.  

·         Advanced understanding of Apple OSX and proficient knowledge with Linux operating systems.  

·         Prior IT support or customer support experience 

·         Excellent customer service skills  

·         Must have strong analytical and problem-solving skills. 

·         Ability to multitask and work well under pressure. 

·         Experience working with at least one risk framework or compliance standard, such as HITRUST, HIPAA, NIST 800-53, SOC-2, FedRamp, or PCI, 

·         Hands-on experience working within AWS, preferably in operations, security, or admin role. 

·         Proficient understanding across the AWS technology stack and AWS security offerings  

·         Hands-on experience working with networking solutions (i.e. VPN, Subnets, LAN, WAN, DHCP, and wireless technologies) 

·         Ability to multitask and work well under pressure. 


Strongly preferred 

·         Prior admin experience with Office365 (or GSuite) and Atlassian products 

·         Experience implementing access controls (SAML, OAUTH2, OpenID Connect) 

·         Jamf Pro (or similar MDM solution) experience. 

·         IT support or customer support experience 

·         Hands-on experience working within AWS, preferably in operations, security, or admin role. 

·         Professional certification of GIAC, SSCP, CISSP, CCSP, or AWS Security Specialization is a plus. 

·         Familiarity with web-related technologies (web applications, web services, service-oriented architectures) and network/web related protocols is a plus. 

·         Understanding of API and container security 

·         Experience with DevOps IaC tools like Terraform, AWS CloudFormation, or AWS CDK is a plus.  

·         Understanding of the DevOps CI/CD process and culture. 

·         Product or Application security experience is a plus 

·         Experience with managing, creating, or editing security policies.  

This position has been filled. Would you like to see our other open positions?