Security Engineer II

Healthcare quality is declining and soaring costs are crushing American families and businesses. At Garner, we’ve developed a revolutionary approach to evaluating doctor performance and a unique incentive model that's reshaping the healthcare economy to ensure everyone can afford high quality care. By providing organizations relief from surging healthcare costs, we've experienced rapid adoption in the market and have more than doubled our revenue annually over the last 5 years, becoming the fastest growing company in our space. To support our continued growth, we're expanding our team by over 50% each year, seeking exceptional talent to shape our award-winning culture (e.g., USA Today Top Workplaces 2025) designed to cultivate teamwork, trust, autonomy, exceptional results, and individual growth that creates an inflection point in your career.

We are seeking a skilled and motivated Security Engineer to join our dynamic team. As a Security Engineer, you will play a crucial role in safeguarding our organization's digital assets, ensuring the integrity and confidentiality of our systems and data. You will be responsible for implementing and operating security tooling with your existing IAC/platform skills, maintaining security controls, and responding to security incidents and breaches. This role offers an exciting opportunity to work with cutting-edge technology and improve our security posture.

This position is fully remote.

• Security Engineering: Design, implement, and operate security tooling and services in cloud (including IAC components) and on-premises ecosystems such as AWS, GCP, Snowflake, Wiz, Okta.
• Incident Detection and Response: Monitor for suspicious activity, investigate security incidents, and coordinate response efforts to mitigate threats.
• Vulnerability Management: Conduct vulnerability assessments and penetration tests, analyze results, and collaborate on remediation.
• Security Compliance: Ensure adherence to standards like HITRUST, SOC 2, ISO 27001 through monitoring, audits, and policy enforcement.
• Security Awareness and Training: Develop training programs and promote security best practices organization-wide.
• Incident Documentation and Reporting: Document incidents, resolutions, lessons learned, and prepare security reports.
• Security Tool Evaluation and Integration: Research and recommend new security tools, integrating them into existing infrastructure.
• Collaboration and Communication: Work with IT, engineering, and compliance teams to align security initiatives with business goals.

• Ability to work independently and collaboratively, managing multiple projects and communicating effectively with non-technical stakeholders.
• Deep knowledge of cloud security risks, solutions, and systemic prevention processes.
• Understanding of application and infrastructure vulnerabilities, detection, prevention, and mitigation techniques.
• Proficiency with Terraform in cloud environments.
• Knowledge of cloud IAM principles and best practices.
• Experience with SIEM tools for detecting compromises and incident reporting.
• Ability to write scripts or automate tooling independently.
• Knowledge of network security principles and protocols.
• Experience with threat modeling for cloud-native applications (NodeJS, Python) and data pipelines.
• Experience with IAC tools like Terraform or Pulumi.
• Experience deploying DLP tools in regulated environments.
• At least 4 years of experience in security engineering, preferably in fast-paced tech or HealthTech environments.
• Recent experience with our tech stack, including AWS security tools, Wiz, DataDog SIEM, Kubernetes, and container security.

AWS security tools: CloudTrail, GuardDuty, Control Tower, Identity Center; Wiz; DataDog SIEM; Socket.dev or Trivy; Snowflake; Kubernetes/container security.

The target salary range is $150,000 - $180,000, depending on qualifications and skills. The role includes participation in our equity incentive plan and benefits such as flexible PTO, Medical/Dental/Vision plans, 401(k), Teladoc, and more.

Be aware of recent job scams. Our recruiters exclusively use getgarner.com email addresses. Report suspicious contacts to law enforcement and candidateprotection@getgarner.com.

Garner Health values diversity and is an equal opportunity employer. We do not discriminate based on race, religion, gender, age, disability, or other protected characteristics. We provide accommodations for individuals with disabilities during our recruiting process. Contact us at talent@getgarner.com for assistance.