Information Security and Compliance Co-op
Boston, MA
Zus Health
Who we are
Zus is a shared health data platform designed to accelerate healthcare data interoperability by providing easy-to-use patient data via API, embedded components, and direct EHR integrations. Founded in 2021 by Jonathan Bush, co-founder and former CEO of athenahealth, Zus partners with HIEs and other data networks to aggregate patient clinical history and then translates that history into user-friendly information at the point of care. Zus's mission is to catalyze healthcare's greatest inventors by maximizing the value of patient insights - so that they can build up, not around.
What we’re looking for
Security is central to Zus’s mission to bring information speed to health care. As part of our infrastructure and security team, you’ll contribute to development and hardening of our AWS cloud environments, assist product teams with service deployment and security improvements, participate in threat modeling and risk assessment activities, contribute to our SOC2 audit compliance program, along with other many aspects of powering a startup to success.We’re looking for someone comfortable with tackling a diverse set of responsibilities and who can communicate effectively with the rest of the organization.
Zus is a shared health data platform designed to accelerate healthcare data interoperability by providing easy-to-use patient data via API, embedded components, and direct EHR integrations. Founded in 2021 by Jonathan Bush, co-founder and former CEO of athenahealth, Zus partners with HIEs and other data networks to aggregate patient clinical history and then translates that history into user-friendly information at the point of care. Zus's mission is to catalyze healthcare's greatest inventors by maximizing the value of patient insights - so that they can build up, not around.
What we’re looking for
Security is central to Zus’s mission to bring information speed to health care. As part of our infrastructure and security team, you’ll contribute to development and hardening of our AWS cloud environments, assist product teams with service deployment and security improvements, participate in threat modeling and risk assessment activities, contribute to our SOC2 audit compliance program, along with other many aspects of powering a startup to success.We’re looking for someone comfortable with tackling a diverse set of responsibilities and who can communicate effectively with the rest of the organization.
As part of our team, you will
- Help with Regulatory Compliance (SOC2), maintaining an auditable security posture
- Track KPI around security, and help steer the strategy of how the InfraSec team uses and responds to these signals
- Improve CI/CD tools integration/operations, and full automation of CI/testing
- Participate in Threat Modeling (STRIDE) sessions, and help document, capture, and prioritize remediation or improvements
- Cloud security (AWS): help improve security posture by researching and implementing configurations, fixes, or third-party services
- Work with other engineering teams to develop or improve cloud infrastructure, remediate security vulnerabilities or improve logging, monitoring and metric capabilities
- Help improve our engineering reliability and stability plan, including incident management and SLO monitoring
You're a good fit because you have
- A passion for information, infrastructure, or cloud computing
- Experience with AWS compute and networking resources (ALB, S3, EC2, ECS, etc.)
- A desire to learn and steward Infrastructure-as-Code (we primarily use Terraform)
- Experience with continuous deployment
- Familiarity with CI/CD pipeline tools (we primarily use GitHub Actions and Datadog) to achieve repeatable, idempotent, secure and monitored pipelines of code deployments
- General awareness and knowledge of cybersecurity principles
- Familiarity with Linux and the command line and coding: shell/bash, nodeJS, python (not necessary these languages, but the willingness to learn languages/frameworks to accomplish guided tasking)
- A self-starter attitude that shows that you are ready for the fast, and sometimes unstructured, nature of an early stage startup, and can get things done independently
- An effective communicator, and the willingness to level up in technical writing and communication (intra-team, customer, vendor, and leadership)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
1
0
0
Category:
Compliance Jobs
Tags: APIs Automation AWS Bash CI/CD Cloud Compliance EC2 GitHub Linux Monitoring Node.js Python Risk assessment S3 SOC 2 Strategy Terraform Vulnerabilities
Perks/benefits: Competitive pay Startup environment
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsInformation Security Specialist jobsInformation Security Officer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsPrincipal Security Engineer jobsSenior Penetration Tester jobsIT Security Engineer jobsChief Information Security Officer jobsCloud Security Architect jobsCyber Security Specialist jobsSenior Information Security Analyst jobsSecurity Specialist jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsCybersecurity Consultant jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSecurity Operations Analyst jobsIT Security Analyst jobsSenior Information Security Engineer jobs
SaaS jobsEncryption jobsRMF jobsSDLC jobsMalware jobsIPS jobsIDS jobsEDR jobsGDPR jobsForensics jobsSQL jobsSplunk jobsDoDD 8570 jobsTop Secret jobsBash jobsITIL jobsFinance jobsOWASP jobsUNIX jobsCompTIA jobsIntrusion detection jobsTerraform jobsCRISC jobsDocker jobsTCP/IP jobs
Polygraph jobsSANS jobsActive Directory jobsThreat detection jobsGIAC jobsData Analytics jobsBanking jobsClearance Required jobsCCSP jobsVPN jobsSOAR jobsOSCP jobsAnsible jobsGCIH jobsDNS jobsJira jobsSOX jobsArtificial Intelligence jobsJavaScript jobsSOC 2 jobsIT infrastructure jobsHIPAA jobsSecurity strategy jobsOracle jobsMITRE ATT&CK jobs