What are the responsibilities and job description for the Lead Security Engineer position at Strive Health?
What You’ll Do
The Lead Security Engineer is responsible for providing technical leadership and strategic guidance in the design, implementation, and maintenance of the company's infrastructure. The Lead Security Engineer will use their full breadth of technical knowledge to help drive current security initiatives forward, as well as plan for the future Strive Health security program. As part of this, the Lead Security Engineer will collaborate closely with internal and cross-functional teams, including senior staff and executives, to ensure the development and deployment of effective security solutions aligned with business objectives. This role will report to the Sr. Manager, Security.
The Day to Day
- Team Mentorship and Contributions:
  - Mentor a team of security analysts and engineers, fostering their professional growth.
  - Contribute to your own professional development and the development of others by providing direct feedback on opportunities for continuous improvement.
  - Contribute to a collaborative and high-performing culture within the security team.
- Security Infrastructure Design and Implementation:
  - Architect and design robust security solutions across the organization's systems and networks.
  - Oversee the implementation and maintenance of security systems, tools, and technologies.
  - Ensure compliance with industry standards, regulations, and best practices.
- Incident Response and Threat Management:
  - Oversee the development and implementation of incident response plans and procedures.
  - Lead investigations and coordinate response efforts in case of security incidents.
  - Stay informed about emerging threats and vulnerabilities and recommend proactive measures to protect against them.
- Risk Assessment and Compliance:
  - Develop and implement strategies to mitigate risks and ensure compliance with regulations.
  - Collaborate with compliance/privacy team to respond to audits and implement corrective actions.
- Security Awareness and Training:
  - Promote a strong security culture through training and awareness programs.
  - Educate employees on security best practices and ensure adherence to policies.
  - Provide guidance to technical teams on secure coding, system configurations, etc.
Minimum Qualifications
- Bachelor’s degree in Computer Science, Information Security, or related field.
- 4 years of experience in information security, including hands-on experience with security technologies and tools.
- 4 years of experience in cloud security principles and experience securing cloud environments (SaaS, IaaS, PaaS).
- 2 years of demonstrable experience with scripting and automation tools (e.g., Python, PowerShell, Chef, CloudFormation).
- 1 year leading at least one large-scale security project.
- Internet Connectivity - Min Speeds: 3.8Mbps/3.0Mbps (up/down): Latency <60 ms.
Preferred Qualifications
- Experience writing CI/CD pipelines strongly preferred.
- Familiarity with emerging technologies such as AI and their security implications strongly preferred.
- Experience leading infrastructure certification against common security frameworks, standards, and regulatory requirements, HITRUST preferred.
- Architectural experience in designing and implementing secure systems and networks.
- Experience in managing security incidents, investigations, and response coordination.
- Knowledge of risk management frameworks and methodologies.
- Strong understanding of compliance requirements and experience in regulatory audits.
- Track record of developing and delivering effective security awareness and training programs for all employees.
- Advanced certifications in information security (e.g., CISSP, CISM) are highly desirable.
- Experience with DevSecOps practices and integrating security into the software development lifecycle.
- Industry certifications such as CISSP, CISM, or GIAC certifications are a plus.
About You
- Excellent problem-solving and analytical skills, with the ability to assess complex security issues and provide effective solutions.
- Strong communication skills, with the ability to articulate technical concepts to both technical and non-technical stakeholders.
- Proven ability to collaborate with senior staff and executives.
Annual Base Salary Range: $130,000 - $163,000