Redox Lead Security Engineer-Risk Operations - Remote in US!

Are you a Security Risk Leader who is passionate about applying scientific methods to security while preparing us for the potential “worse case” scenarios? 

Redox is searching for an exceptionally talented Tech Lead for our Security Risk Operations team. In this role, you will set the direction for our security risk management processes, prepare the company to handle security incidents, and ensure our vulnerability and issue management processes are efficient and scalable.

Redox Security Engineers solve the most challenging technical security problems holding back healthcare technology while making a huge impact on the daily lives of patients. Effective security programs are driven by risk management. Security Risk Operations ensures our team has robust processes to identify, assess and manage the security risks of our organization. At Redox, we use quantifiable practices to ensure we are correctly prioritizing and able to measure the impact of the company’s security program and initiatives. Additionally, we ensure our business is prepared to respond appropriately, in the event that these risks do eventuate.

You will be responsible for technical leadership and hands-on building, operating, and maintaining the Security Risk Operations function at Redox.

Responsibilities:

• Be an active voice in our small, focused security team as the primary engineer responsible for Risk Operations


• Design and facilitate the processes by which we conduct quantifiable security risk assessments and forecasts


• Describe complex problems we face in broadly-understandable terms based on the audience (stakeholders)


• Approach securing our company pragmatically, empathizing with our business to understand our needs while ensuring key risks are being addressed


• Own our incident response processes and procedures, including facilitation of tabletop exercises


• Work with engineering and security teams to ensure we are prepared, technically and procedurally, to respond to incidents


• Support security incident response during security incidents by providing leadership and coordination across business functions


• Build and oversee our business processes for vulnerability management


• Maximize security impact and reduce risk while minimizing the negative impact on our business’s velocity


• Implement and maintain scalable Vendor Risk Management processes

Required Skills:

• 3+ years of hands-on experience with quantifiable risk management processes


• Knowledge of current security threats, risks, and processes to quantify and manage them


• Ability to distill complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders, including clear communication and leadership during incidents


• Ability to build and maintain effective incident response procedures, including training and exercises


• Experience with Vendor Security Management processes and tools


• Some development or quantitative science experience is highly desired

This is a remote based opportunity. You can live and work anywhere within the US.   We are only hiring for US based candidates.