Staff Security Engineer

Job Description

Gradient AI:

Gradient AI is a leading provider of AI solutions for the Group Health and P&C insurance industries. Our solutions improve loss ratios and profitability by predicting underwriting and claim risks with greater accuracy, as well as reducing quote turnaround times and claim expenses through intelligent automation. Gradient AI's SaaS platform leverages a vast industry data lake comprising tens of millions of policies and claims, providing insurers with high resolution, data-driven insights. Customers include some of the most recognized insurance carriers, MGAs, MGUs, TPAs, risk pools, PEOs, and large self-insured employers across all major lines of insurance. Founded in 2018, Gradient has experienced strong growth every year, and recently raised $56 million in Series C funding from top Insurtech investors.

About the Role:

We are in search of a Staff Security Engineer to manage our overall security posture. You will have a broad knowledge of the security landscape and be able to leverage that knowledge into actionable controls and metrics to make us more secure overall. This is a fully remote opportunity.

How you will make an impact:

Risk/Compliance

• Lead the evaluation for HITRUST certification and SOC2 report
• Perform risk assessments

Cloud Security

• Assess and improve network & data security

Cloud Posture Management

• Implement and automate cloud configuration management to ensure security best practices, compliance, and continuous risk mitigation

Security Operations

• Drive enterprise security initiatives that enhance the organization's resilience against cyber threats
• Manage and optimize our Security Information and Event Management (SIEM) system to ensure accurate threat detection and effective response
• Develop and fine-tune detection rules to identify and mitigate security threats in real time
• Conduct assessments, penetration tests, and vulnerability scans to identify and remediate security gaps
• Ensure timely patching of systems and applications to reduce exposure to known exploits
• Deploy and manage endpoint detection response (EDR) solutions to monitor, detect, and respond to endpoint threats
• Manage user authentication, permissions, and security to protect access to critical systems
• Implement and enforce mobile device management (MDM) security policies to safeguard corporate endpoints

Skills needed to succeed:

• 5+ years of experience as System Security Engineer or Information Security Engineer
• Experience managing security audits for SOC2 or HITRUST
• Experience in building and maintaining security systems
• Security Information Event Management (SIEM) solutions
• Hands on experience in security systems within AWS

Nice to haves:

• Familiarity with securing PHI and PII
• Experience with Data Loss Prevention (DLP)
• Security related Certifications

What We Offer:

• A fun, team-oriented startup culture.
• Generous stock options - we all get to own a piece of what we're building.
• Unlimited vacation days.
• Flexible schedule that supports working from home.
• Full benefits package includes medical, dental, vision, 401k, paid paternal leave, and more.
• Ample opportunities to learn and take on new responsibilities.

We are an equal opportunity employer.