Senior Security Engineer

About Us:

Function was founded with a singular focus: empower you to live 100 healthy years. We’re doing that by using the best available technology to make sure people don't suffer or die a preventable death. Function has been recognized as one of Fast Company’s Most Innovative Companies of 2024, and is venture-backed by Andreessen Horowitz (a16z). Hundreds of thousands of members have joined Function to take control of their health. We are growing our team and seeking out world-class talent that deeply believes in our mission to positively impact global health, has a relentless bias toward action and a growth mindset. Function fosters a collaborative and dynamic environment, where every day we are building the future.

Role:

We’re looking for a pragmatic Senior Security Engineer with a strong focus on Identity and Access Management (IAM) to join our lean, fast-paced Security Operations team. In this hands-on role, you will lead the design and management of critical IAM systems protecting our clients’ health data—the foundation of our business. With nearly 1 million users and growing rapidly, you will be leading efforts for Okta and ConductorOne, responsible for application integrations, enabling provisioning, building out our Okta organizational structure, and enforcing security policies around user access.
Beyond IAM, there’s room to expand into security operations, IT automation, and compliance as our team grows. This is a unique opportunity to own one of the strongest security controls in the company and directly reduce organizational risk at scale.

Key Responsibilities:

• Administer and optimize Okta, including:
  • Integrating new applications for SSO
  • Implementing and enhancing provisioning and revocation workflows
  • Building and maintaining Okta organizational structure and role mappings
• Administer ConductorOne to:
  • Integrate it with all relevant applications
  • Conduct User Access Reviews (UARs)
  • Enforce time-based access controls
  • Enable and improve automated provisioning and revocation
• Collaborate with cross-functional teams to ensure secure onboarding/offboarding and least privilege enforcement
• Support ongoing IAM policy development, documentation, and audit readiness
• Monitor and respond to IAM-related alerts and incidents, escalating as needed
• Identify opportunities to automate IAM workflows and enhance security operations
• Participate in broader security initiatives including vulnerability management, IT automation, and compliance support

Qualifications/Skills:

• 5-7+ years of security engineering experience including 2-3+ hands-on experience administering IAM platforms within Okta and/or ConductorOne
• Strong knowledge of SSO protocols (SAML, OIDC), provisioning standards (SCIM), and IAM best practices
• Experience integrating multiple SaaS applications into centralized IAM systems
• Familiarity with user lifecycle management, role-based access control (RBAC), and access review processes
• Solid understanding of cloud infrastructure identity models (GCP preferred) and security operations fundamentals
• Experience using Terraform for infrastructure as code, particularly for managing IAM resources and integrations
• Comfortable working independently in a fast-moving environment with minimal supervision
• Strong organizational skills and a detail-oriented mindset
• Google Workspace experience highly desired

To be a strong fit, you also need:

• Bias Toward Action: Demonstrated ability to take initiative, make decisions under uncertainty, and move projects forward even in the face of ambiguity. We value individuals who are self-starters and ready to act on opportunities and challenges alike.
• Entrepreneurial Spirit: Strong adaptability to changing business needs with a knack for building and optimizing processes. Your entrepreneurial mindset will be crucial in navigating the dynamic landscape of our industry, ensuring our platform remains competitive and responsive to user needs.
• Communication: Excellent communication skills, capable of explaining complex technical concepts to non-technical stakeholders. Effective communication is vital for cross-functional collaboration and ensuring alignment across our organization.
• Remote Work Adaptability: Comfort with remote work environments, demonstrating the ability to stay productive and connected with the team irrespective of physical location.
• Continuous Improvement: A willingness to question assumptions and a commitment to continuous improvement. Your openness to feedback and dedication to personal and professional growth will contribute significantly to our collective success.

Your dedication to these responsibilities will directly contribute to the success of our platform and the satisfaction of our users. We are looking for a proactive, skilled, and forward-thinking individual to join our team and help shape the future of our services.

Nice-to-Have Skills and Experiences:

While the core competencies are essential, the following qualifications will distinguish exceptional candidates:

• Healthcare Data protection Expertise: experience with healthcare data protection (e.g., HIPAA), red teaming, or security architecture.
• Start-Up Experience: We highly value individuals with start-up experience, especially former founders or early engineering hires. This experience indicates a versatile skill set and an ability to thrive in fast-paced, evolving environments.
• Familiarity with Health Technologies: Knowledge of or experience with popular health technologies, such as Oura, Whoop, Apple Watch, and CGMs (Continuous Glucose Monitors). An interest in or experience with health and wellness technologies suggests a passion for leveraging technology to improve personal and community health outcomes.

Why You'll Love Working With Us:

• Empowerment in Your Role: Revel in the autonomy to work on projects that resonate with your passion and expertise. Thrive in a supportive atmosphere where your independence is cherished, free from the constraints of micromanagement.
• Collaborative and Innovative Culture: Become part of a vibrant community that not only values but thrives on collaboration and innovation. Here, swift execution and the celebration of fresh ideas are the bedrock of our success.

We value our team at Function and offer a competitive salary and benefits package, flexible working hours, and a dynamic work environment where creativity and innovation are encouraged. If you are a highly motivated and experienced individual who is passionate about using technology to improve people’s lives, we would love to hear from you.
Join the Function Health team and become a part of our mission to revolutionize healthcare. Work with us to make a difference in the lives of thousands, ensuring a healthier future for all. Discover more about us and how we're changing the face of healthcare at Function Health.