Staff Software Engineer, Cloud Security

2 weeks, 6 days ago
Full-time
Senior
Software Development
Included Health

Included Health

Included Health is a healthcare company that provides cost-saving solutions for employers and health plans. They offer virtual care and navigation services, connecting millions with board-certified doctors and specialists for comprehensive and convenie...

Insurance
1K-5K
$106M raised

Description

  • Design, develop, and implement cloud authorization frameworks for roles, resource restrictions, task-based access, and granular engineering access.
  • Lead implementation of Just-In-Time (JIT) access controls for production systems, secrets, and data to reduce standing privileges.
  • Collaborate with engineering to integrate data classification into access control decisions.
  • Develop and maintain security automation scripts, tools, and services in Python or Go for operations, vulnerability management, compliance, and incident response.
  • Write clean, maintainable, and testable code for security automation, integrations, and security-focused tooling.
  • Implement Infrastructure as Code security controls using Terraform for definition, enforcement, and auditing of configurations.
  • Contribute to centralized security controls such as an engineering-owned Web Application Firewall (WAF).
  • Partner with teams to secure the development toolchain and reduce supply chain risk.
  • Design and implement a secure mechanism for webhook testing in local development environments.
  • Define and enforce container security hardening standards in collaboration with engineering teams.
  • Remediate legacy cloud environments, especially in GCP, by inventorying and improving security controls.
  • Work with infrastructure, engineering, DevOps, and product teams to embed security into systems, architectures, and CI/CD pipelines.
  • Serve as a cloud security subject matter expert by providing guidance, code reviews, and best practices.
  • Support change management for new security controls and workflows.
  • Conduct security assessments, threat modeling, and incident response support, including automation for faster prevention and response.
  • Document security architectures, controls, automation scripts, and incident response playbooks.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 5+ years of experience in cloud security with a strong emphasis on AWS.
  • Proven hands-on software development experience in Python and Go for security automation, tools, and infrastructure management.
  • Experience designing and implementing authorization and access control frameworks such as RBAC, ABAC, or policy-as-code.
  • Experience implementing Just-In-Time (JIT) access solutions.
  • Deep proficiency with Infrastructure as Code, especially Terraform modules for security.
  • Experience with containerization technologies such as Docker and Kubernetes/EKS, including container hardening.
  • Experience with SDLC security, CI/CD pipeline security integration, and secure software development practices.
  • Experience with security logging, monitoring, and alerting tools such as SIEM, AWS CloudTrail, CloudWatch, and GuardDuty.
  • Experience with cloud security frameworks, especially HIPAA, regulations, and standards.
  • Familiarity with Ruby is a plus.
  • Experience with GCP is a plus.
  • Experience working on granular data access control in cloud environments is a plus.

Benefits

  • Remote-first culture.
  • 401(k) savings plan through Fidelity.
  • Comprehensive medical, vision, and dental coverage, including disability insurance options.
  • Paid Time Off (PTO) and Discretionary Time Off (DTO).
  • 12 weeks of 100% paid parental leave.
  • Family-building and compassionate leave, including fertility coverage and up to $25,000 for surrogacy/adoption support.
  • Work-from-home reimbursement for home office and team collaboration needs.
  • Base salary ranges from $174,320 to $320,099 depending on geographic zone, plus equity and benefits.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Intern, Forward Deployed Engineering

Workato 251-1K IT Services

Workato is hiring a Forward Deployed Engineering intern to support AI-driven automation initiatives by helping build intelligent agents and enterprise workflow integrations on its Agentic AI platform.

JavaScript JSON LLM Python REST API Salesforce
15 hours, 14 minutes ago

Software Engineer 3

Black Duck Inn 1K-5K Internet Software & Services

Black Duck Software is seeking a License Developer to evolve legacy licensing systems and build reliable, production-ready services for secure 24/7 customer use.

CI/CD DevSecOps Java Kubernetes Linux REST API Ruby on Rails
15 hours, 14 minutes ago

Statistical Programmer Sr

eClinical Solutions 251-1K Professional Services

Experienced Statistical Programmer role at a clinical research organization focused on delivering compliant statistical programming outputs for multiple clinical studies and regulatory submissions.

Git GitHub GitLab R SAP Shell Scripting
15 hours, 14 minutes ago

Data Conversion Software Engineer

Career TEAM 251-1K Professional Services

Career Team is hiring a Data Conversion Software Engineer to build data transformation and integration software for government-funded workforce development programs across the United States.

Agile Angular CI/CD Docker Express.js JavaScript JSON MongoDB NestJS Next.js Node.js React Scrum TypeScript XML
15 hours, 29 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers