Staff Security Engineer
**Work from where you are - considering candidates in San Mateo, Santa Barbara, or US-based remote**
Evidation creates new ways to measure and improve health in everyday life—making proactive, personalized, and truly human-centered healthcare possible. By connecting directly with millions of individuals, Evidation harnesses real-world data to deeply understand health experiences, rapidly and at scale. Evidation’s privacy-centric digital health measurement and engagement platform uses data science and machine learning to translate these everyday insights into high-impact health guidance, treatments, and tools. Founded in 2012, Evidation is headquartered in California with employees working around the globe.
The Security Team is responsible for all aspects of security at Evidation. This encompasses a wide range of responsibilities aimed at protecting Evidation’s software, data and infrastructure while ensuring the trust and safety of our customers. This includes partnering with multiple engineering teams including software engineering, data engineers, DevOps and IT. In this role, you will focus on the security of our software, systems and cloud infrastructure, including securing our architecture, implementing mitigations, threat detection and monitoring, writing security policies and participating in defining the long-term strategy for our platform security.
This role is ideal for someone with strong experience in SaaS Platform security who is looking to take their security career to the next level with strong ownership of a complex set of cloud environments and exposure to a broad range of security technologies and domains.
DESCRIPTION OF DUTIES
- Proactively identify and mitigate security vulnerabilities and threats in the application and cloud environments
- Respond to and investigate security incidents and breaches
- Ensure compliance with relevant security standards and regulations
- Conduct regular security audits and risk assessments
- Develop and maintain secure coding guidelines and train development teams accordingly
- Write and maintain security policies and procedures and ensure our teams are following them
- 12+ years of application security and cloud security experience
- Strong security fundamentals, including threat modeling, penetration testing and secure design principles
- Fluency in at least one programming language (Ruby, Python, Bash, etc.)
- Familiarity with scalable systems and cloud-native architectures, including Kubernetes, Redis and Postgres databases
- Experience maintaining the secure operations of complex cloud environments
- Strong communication skills, especially among audiences with differing technical backgrounds
- Strong network security background and understanding of networking principles
- Experience with AWS Security tooling and building secure systems in AWS
- Experience with IaC such as Terraform or Pulumi
- Experience with Kubernetes and container security preferably in AWS EKS
- Strong programming experience in Python and/or Ruby
- Experience with security testing (penetration testing/red teaming)
- Experience with Datadog SIEM and security tooling
- Familiarity with cryptographic primitives such as hashing, signing, and encryption
- Experience with network security and observability tools, preferably Cilium
- Experience building and maintaining compliance with regulatory standards like ISO, HIPAA, and 21 CFR Part 11.
- CISSP or equivalent certification
*This job description outlines primary duties and requirements and is not intended to identify all tasks that may be performed; individuals occupying the position may be required to perform other duties. The company may modify job duties from time to time, either in practice or in writing.
At Evidation, we strive to build an equitable and inclusive space where everyone - employees, partners, and participants - belongs and feels valued. Evidation Health values diversity and is committed to equal opportunity for all persons without regard to sex (including pregnancy, childbirth or related medical conditions), gender identity, gender expression, race, color, national origin, ancestry, citizenship, age, religion, physical or mental disability, legally protected medical condition, family care status, military or veteran status, marital status, domestic partner status, sexual orientation, genetic information or any other legally protected characteristic.
We will also reasonably accommodate the physical and/or mental disabilities of an otherwise qualified applicant with a disability in order to enable the applicant to complete the application or interview process, provided that undue hardship on Evidation Health would not result.
The US base hiring range for this full-time position is $183,005-$224,000 + bonus + equity + benefits. The actual starting pay will be based on job-related factors, including work location, experience, training, and skill level, so pay for this role may be higher or lower than what is shown on this posting.