This Job Vacancy has Expired!

Senior Incident Response Security Engineer

Posted on Oct 17, 2020 by One Medical

Austin, TX
Health & Safety
Immediate Start
Annual Salary


One Medical is a membership-based primary care platform challenging the
industry status quo by making quality care more affordable, accessible and
enjoyable. But this isn't your average doctor's office. We're on a
mission to transform healthcare, which means tackling the frustrations of
everyone involved, from patients and providers to employers and health

Across the country, our members enjoy access to comprehensive care at more than
80 locations across twelve cities (and counting!) as well as 24/7 access to
virtual care. We've reached some exciting milestones this year, but our work
is far from over. As we continue to grow and broaden our impact, we're
building a diverse, driven and empathetic team, while working hard to cultivate
an environment where everyone can thrive.

The Opportunity

As a Senior Incident Response Security Engineer you will be on the front lines
of securing people's healthcare and personal information at scale. This role
isn't for button pushers, software engineers, or computer scientists. This
role is for security practitioners. We expect you to do everything from leading
high severity security incidents to resolution, implementing the latest
detection techniques, and driving custom automations and integrations to
enhance response workflows. This position will constantly challenge you to
learn new skills and apply yourself in different ways towards our mission of
advancing security in the healthcare industry.

In this role, you will be expected to collaborate with individuals from across
all different levels and functions within the organization. You will partner with
these teams on security issues that oftentimes have ambiguous solutions, and
work to design solutions that align with broader organizational goals. This
will require partnership and persuasion to gain the support and commitment of
others while optimizing work processes by identifying opportunities to improve.

As a member of the One Medical Security team you will be joining a team of
highly technical people focusing on having a meaningful impact on the company
and the greater healthcare industry. We operate with a team-first
mentality focusing on collaboration to move the security needle forward. Our
drive for team success is tied closely with our commitment to personal growth;
every team member is empowered to pursue research and contribute to projects
that are not strictly defined by their role.

* Monitoring, detecting, responding to security events across our
* Leading efforts with cross-functional teams to drive investigation,
containment and remediation efforts during incidents
* Driving the development of new and novel solutions for detecting and
mitigating threats against One Medical
* Interrogating network and host artifacts originating from multiple
operating systems and/or applications
* Building automation between tools and systems utilizing APIs to help
create efficient detection & response workflows.
* Leading security projects that help to improve the company's security
posture, as well as the industry itself
* Participating in security research, presentation, and security industry

You'll be set up for success if you have:
* 3+ years experience in Security Detection & Response
* 2+ years of experience with any scripting language (python, javascript,
bash, go, ruby, etc)
* Significant experience leading incidents and familiarity with the phases
involved in the IR Lifecycle from start to finish (Preparation,
Identification, Containment, Eradication, Recovery, Lessons Learned)
* Demonstrated ability to analyze and correlate data from a wide variety of
external and internal sources for technical investigations
* Experience in writing high signal detections using logs ingested from
multiple sources throughout our infrastructure
* Strong investigative mindset with acute attention to detail to facilitate
root cause analysis
* Experience writing, reading, and debugging regular expressions
* The ability to think critically to solve complex security problems and
design efficient solutions using knowledge of security threats, attack
vectors, vulnerabilities and exploits
* The ability to think strategically & understand how different
cross-functional programs within the Technology org align together to
improve the security posture of the company

* Experience with common security tools such as Splunk, Bro, Suricata,
OSQuery, AWS Lambda, ELK
* Experience performing dynamic analysis of malware to develop signatures
and countermeasures
* Forensic experience in at least one major operating system platform
(Windows, OS X, or Linux)
* Experience performing offensive assessments, penetration testing, exploit
development, or vulnerability analysis
* Experience developing and maintaining relationships with members of the
Information Security, Threat Intelligence, and Law Enforcement
* Contribution to the security community such as presenting at conferences,
publishing research articles, open source projects


Taking care of you today
* Paid sabbatical after 5 and 10 years
* Employee Assistance Program - Free confidential advice for team members
who need help with stress, anxiety, financial planning, and legal issues
* Competitive Medical, Dental and Vision plans
* Free One Medical memberships for yourself, your friends and family
* Pre-Tax commuter benefits
* PTO cash outs - Option to cash out up to 40 accrued hours per year

Protecting your future for you and your family
* 401K match
* Opportunity to participate in company equity programs
* Credit towards emergency childcare
* Company paid maternity and paternity leave
* Paid Life Insurance - One Medical pays 100% of the cost of Basic Life
* Disability insurance - One Medical pays 100% of the cost of Short Term
and Long Term Disability Insurance

This is a full-time role based in Austin, TX.

One Medical is an equal opportunity employer and encourages all applicants from
every background and life experience.

Reference: 27912280
