Gradient AI :
Gradient AI is a leading provider of AI solutions for the Group Health and P&C insurance industries. Our solutions improve loss ratios and profitability by predicting underwriting and claim risks with greater accuracy, as well as reducing quote turnaround times and claim expenses through intelligent automation. Gradient AI's SaaS platform leverages a vast industry data lake comprising tens of millions of policies and claims, providing insurers with high resolution, data-driven insights. Customers include some of the most recognized insurance carriers, MGAs, MGUs, TPAs, risk pools, PEOs, and large self-insured employers across all major lines of insurance. Founded in 2018, Gradient has experienced strong growth every year, and recently raised $56 million in Series C funding from top Insurtech investors.
About the Role :
We are in search of a Staff Security Engineer to manage our overall security posture. You will have a broad knowledge of the security landscape and be able to leverage that knowledge into actionable controls and metrics to make us more secure overall. This is a fully remote opportunity.
How you will make an impact :
Risk / Compliance
- Lead the evaluation for HITRUST certification and SOC2 report
- Perform risk assessments
Cloud Security
Assess and improve network & data securityCloud Posture Management
Implement and automate cloud configuration management to ensure security best practices, compliance, and continuous risk mitigationSecurity Operations
Drive enterprise security initiatives that enhance the organization's resilience against cyber threatsManage and optimize our Security Information and Event Management (SIEM) system to ensure accurate threat detection and effective responseDevelop and fine-tune detection rules to identify and mitigate security threats in real timeConduct assessments, penetration tests, and vulnerability scans to identify and remediate security gapsEnsure timely patching of systems and applications to reduce exposure to known exploitsDeploy and manage endpoint detection response (EDR) solutions to monitor, detect, and respond to endpoint threatsManage user authentication, permissions, and identity security to protect access to critical systemsImplement and enforce mobile device management (MDM) security policies to safeguard corporate endpointsSkills needed to succeed :
5 years of experience as System Security Engineer or Information Security EngineerExperience managing security audits for SOC2 or HITRUSTExperience in building and maintaining security systemsSecurity Information Event Management (SIEM) solutionsHands on experience in security systems within AWSNice to haves :
Familiarity with securing PHI and PIIExperience with Data Loss Prevention (DLP)Security related CertificationsWhat We Offer :
A fun, team-oriented startup culture.Generous stock options - we all get to own a piece of what we're building.Unlimited vacation days.Flexible schedule that supports working from home.Full benefits package includes medical, dental, vision, 401k, paid paternal leave, and more.Ample opportunities to learn and take on new responsibilities.We are an equal opportunity employer.
